def edit_event(event_id):
try:
if current_user.is_admin:
event = session.query(Event).get(event_id)
else:
event = session.query(Event).filter(
and_(Event.id == event_id,
Event.owner_id == current_user.id)).one()
except NoResultFound:
return redirect('/events/all')
event_form = EventForm(request.form, obj=event)
event_form.report.data = event.report.text
if helpers.validate_form_on_submit(event_form):
event_instance = gather_form_data(event)
return redirect('/events/{}?success=1'.format(event_instance.id))
data = copy(names)
data['data'] = event
return render_template("item_edit.html",
data=data,
form=event_form,
action='edit')
def delete_actor(actor_id):
try:
if current_user.is_admin:
actor = session.query(Actor).get(actor_id)
else:
actor = session.query(Actor).filter(
and_(Actor.id == actor_id,
Actor.owner_id == current_user.id)).one()
except NoResultFound:
return redirect('/actors/all')
session.delete(actor)
return redirect('/actors/all?success=1')
def delete_event(event_id):
try:
if current_user.is_admin:
event = session.query(Event).get(event_id)
else:
event = session.query(Event).filter(
and_(Event.id == event_id,
Event.owner_id == current_user.id)).one()
except NoResultFound:
return redirect('/events/all')
session.delete(event)
session.flush()
return redirect('/events/all?success=1')
def view_all_actors():
if current_user.is_admin:
all_actors = session.query(Actor).all()
else:
all_actors = session.query(Actor).filter(
Actor.owner_id == current_user.id)
all_actors = [{
k: v
for k, v in x.__dict__.iteritems() if not k.startswith('_sa_')
} for x in all_actors]
data = copy(names)
data['data'] = all_actors
return render_template("item_view_all.html", data=data)
def view_actor(actor_id):
data = copy(names)
try:
if current_user.is_admin:
actor = session.query(Actor).get(actor_id)
else:
actor = session.query(Actor).filter(
and_(Actor.id == actor_id,
Actor.owner_id == current_user.id)).one()
fields = flatten_instance(actor, Actor)
except NoResultFound:
return redirect('/actors/all')
data['data'] = fields
return render_template("item_view_single.html", data=data)
def view_source(source_id):
source = session.query(Source).get(source_id)
fields = flatten_instance(source, Source)
data = copy(names)
data['data'] = fields
return render_template("item_view_single.html", data=data)
def search_actor():
term = request.args.get('term', None)
if term is None:
abort(401, "Missing term parameter")
result = session.query(Source).filter(
Source.name.like(("%{}%".format(term)))).all()
return json.dumps([{"label": x.name, "value": x.id} for x in result])
def view_release_type(release_type_id):
release_type = session.query(ReleaseType).get(release_type_id)
fields = flatten_instance(release_type, ReleaseType)
data = copy(names)
data['data'] = fields
return render_template("item_view_single.html", data=data)
def view_event_type(event_type_id):
event_type = session.query(EventType).get(event_type_id)
fields = flatten_instance(event_type, EventType)
data = copy(names)
data['data'] = fields
return render_template("item_view_single.html", data=data)
def view_organisation(organisation_id):
organisation = session.query(Organisation).get(organisation_id)
fields = flatten_instance(organisation, Organisation)
data = copy(names)
data['data'] = fields
return render_template("item_view_single.html", data=data)
def view_profession(profession_id):
profession = session.query(Profession).get(profession_id)
fields = flatten_instance(profession, Profession)
data = copy(names)
data['data'] = fields
return render_template("item_view_single.html", data=data)
def view_all_locations():
all_locations = session.query(Location).all()
all_locations = [{k: v for k, v in x.__dict__.iteritems() if not k.startswith('_sa_')} for x in all_locations]
data = copy(names)
data['data'] = all_locations
return render_template("item_view_all.html", data=data)
def view_location(location_id):
location = session.query(Location).get(location_id)
fields = flatten_instance(location, Location)
data = copy(names)
data['data'] = fields
return render_template("item_view_single.html", data=data)
def view_prison_type(prison_type_id):
prison_type = session.query(PrisonType).get(prison_type_id)
fields = flatten_instance(prison_type, PrisonType)
data = copy(names)
data['data'] = fields
return render_template("item_view_single.html", data=data)
def view_event(event_id):
data = copy(names)
try:
if current_user.is_admin:
event = session.query(Event).get(event_id)
else:
event = session.query(Event).filter(
and_(Event.id == event_id,
Event.owner_id == current_user.id)).one()
fields = flatten_instance(event, Event)
except NoResultFound:
return redirect('/events/all')
data['data'] = fields
return render_template("item_view_single.html",
data=data,
event=event.__dict__)
def view_all_evidence_types():
all_evidence_types = session.query(EvidenceType).all()
all_evidence_types = [{k: v for k, v in x.__dict__.iteritems() if not k.startswith('_sa_')} for x in all_evidence_types]
data = copy(names)
data['data'] = all_evidence_types
return render_template("item_view_all.html", data=data)
def view_international_authority(international_authority_id):
intl_auth = session.query(InternationalAuthority).get(
international_authority_id)
fields = flatten_instance(intl_auth, InternationalAuthority)
data = copy(names)
data['data'] = fields
return render_template("item_view_single.html", data=data)
def view_user(user_id):
user = session.query(User).get(user_id)
fields = flatten_instance(user, User)
data = copy(names)
data['data'] = fields
return render_template("item_view_single.html",
data=data,
needs_admin=1,
user=current_user)
def view_all_international_authority():
all_international_authority = session.query(InternationalAuthority).all()
all_international_authority = [{
k: v
for k, v in x.__dict__.iteritems() if not k.startswith('_sa_')
} for x in all_international_authority]
data = copy(names)
data['data'] = all_international_authority
return render_template("item_view_all.html", data=data)
def edit_location(location_id):
location = session.query(Location).get(location_id)
location_form = LocationForm(request.form, obj=location)
if helpers.validate_form_on_submit(location_form):
location_form.populate_obj(location)
return redirect('/locations/{}?success=1'.format(location_id))
data = copy(names)
data['data'] = location
return render_template("item_edit.html", data=data, form=location_form, action='edit')
def edit_evidence_type(evidence_type_id):
evidence_type = session.query(EvidenceType).get(evidence_type_id)
evidence_type_form = EvidenceTypeForm(request.form, obj=evidence_type)
if helpers.validate_form_on_submit(evidence_type_form):
evidence_type_form.populate_obj(evidence_type)
return redirect('/evidence_types/{}?success=1'.format(evidence_type_id))
data = copy(names)
data['data'] = evidence_type
return render_template("item_edit.html", data=data, form=evidence_type_form, action='edit')
def edit_organisation(organisation_id):
organisation = session.query(Organisation).get(organisation_id)
organisation_form = OrganisationForm(request.form, obj=organisation)
if helpers.validate_form_on_submit(organisation_form):
organisation_form.populate_obj(organisation)
return redirect('/organisations/{}?success=1'.format(organisation_id))
data = copy(names)
data['data'] = organisation
return render_template("item_edit.html", data=data, form=organisation_form, action='edit')
def view_all_users():
all_users = session.query(User).all()
all_users = [{
k: v
for k, v in x.__dict__.iteritems() if not k.startswith('_sa_')
} for x in all_users]
data = copy(names)
data['data'] = all_users
return render_template("item_view_all.html",
data=data,
needs_admin=1,
user=current_user)
def edit_actor(actor_id):
try:
if current_user.is_admin:
actor = session.query(Actor).get(actor_id)
else:
actor = session.query(Actor).filter(
and_(Actor.id == actor_id,
Actor.owner_id == current_user.id)).one()
except NoResultFound:
return redirect('/actors/all')
actor_form = ActorForm(request.form, obj=actor)
if helpers.validate_form_on_submit(actor_form):
actor_form.populate_obj(actor)
return redirect('/actors/{}?success=1'.format(actor_id))
data = copy(names)
data['data'] = actor
return render_template("item_edit.html",
data=data,
form=actor_form,
action='edit')
def edit_prison_type(prison_type_id):
prison_type = session.query(PrisonType).get(prison_type_id)
prison_type_form = PrisonTypeForm(request.form, obj=prison_type)
if helpers.validate_form_on_submit(prison_type_form):
prison_type_form.populate_obj(prison_type)
return redirect('/prison_types/{}?success=1'.format(prison_type_id))
data = copy(names)
data['data'] = prison_type
return render_template("item_edit.html",
data=data,
form=prison_type_form,
action='edit')
def edit_release_type(release_type_id):
release_type = session.query(ReleaseType).get(release_type_id)
release_type_form = ReleaseTypeForm(request.form, obj=release_type)
if helpers.validate_form_on_submit(release_type_form):
release_type_form.populate_obj(release_type)
return redirect('/release_types/{}?success=1'.format(release_type_id))
data = copy(names)
data['data'] = release_type
return render_template("item_edit.html",
data=data,
form=release_type_form,
action='edit')
def edit_source(source_id):
source = session.query(Source).get(source_id)
source_form = SourceForm(request.form, obj=source)
if helpers.validate_form_on_submit(source_form):
source_form.populate_obj(source)
return redirect('/sources/{}?success=1'.format(source_id))
data = copy(names)
data['data'] = source
return render_template("item_edit.html",
data=data,
form=source_form,
action='edit')
def view_all_events():
if current_user.is_admin:
all_events = session.query(Event).join(Event.owner).all()
else:
all_events = session.query(Event).join(
Event.owner).filter(Event.owner_id == current_user.id)
evs = []
for e in all_events:
evs.append({
"owner":
"{} {}".format(
e.owner.email, ": {}".format(e.owner.organisation.name)
if e.owner.organisation else ""),
"report_date":
e.report_date,
"title":
e.title,
"id":
e.id
})
data = copy(names)
data['data'] = evs
return render_template("item_view_all.html", data=data)
def edit_user(user_id):
user = session.query(User).get(user_id)
user_form = UserForm(request.form, obj=user)
if helpers.validate_form_on_submit(user_form):
user_form.populate_obj(user)
return redirect('/users/{}?success=1'.format(user_id))
data = copy(names)
data['data'] = user
return render_template("item_edit.html",
data=data,
form=user_form,
action='edit',
needs_admin=1,
user=current_user)
def validate_password(self, field):
try:
alleged_user = session.query(User).filter(
and_(User.email == self.login.data)).one()
password = str(field.data)
stored_pwd = str(alleged_user.password)
stored_salt = str(alleged_user.password_salt)
# try to hash PWD with our salt. Does it match result in DB?
hashed_pwd = bcrypt.hashpw(password, stored_salt)
if stored_pwd != hashed_pwd:
print "NOPE"
raise ValidationError("Wrong password")
except NoResultFound:
raise ValidationError("Could not find user")
self.user = alleged_user
