def render(self, template_name, data={}): """Renders the template in the site wide manner. Retrieves the template data needed for the base template (login URL and text, user information, etc.) and merges it with the data passed to the method. Templates are retrieved from the template directory specified in the settings and appended with the suffix ".html" Arguments: template_name: the name of the template. this is the file name of the template without the .html extension. data: a dictionary containing data to be passed to the template. """ (login_text, login_url) = auth.login_logout(self.request) data['uri_for'] = webapp2.uri_for data['user'] = auth.current_user() data['admin'] = auth.user_is_admin() data['login_url'] = login_url data['login_text'] = login_text template = jinja.get_template(template_name + '.html') return self.response.out.write(template.render(data))
def delete(self, key): if auth.user_is_admin(): Project.get(key).delete() else: Messages.add('Only and administrator may delete projects. This ' + 'incident has been logged.') return self.redirect('/projects')
def delete(self, key): if auth.user_is_admin(): Group.get(key).delete() else: Messages.add('Only an administrator may delete groups. This ' + 'incident has been logged.') return self.redirect('/groups')
def delete(self, key): if auth.user_is_admin(): Idea.get(key).delete() else: Messages.add('Only and administrator may delete submitted ideas. ' + 'This incident has been logged.') return self.redirect('/ideas')
def update_student(sid): #---------------------------------- if not (auth.if_auth()): return redirect(url_for('login')) #---------------------------------- form = StudentForm() if form.validate(): student_id = sid session = db.Session() user = session.query(Student).filter_by(id=sid).first() if user: form.populate_obj(user) # Обновляем принадлежность к группе if user.group == '': user.user_id = None else: if not (auth.user_is_admin()): user.user_id = auth.get_user_id() # Сохраняем session.commit() return redirect(url_for('groups')) params = dict() params['student_id'] = sid params['form'] = form params['username'] = auth.get_user_name() return render_template('students/edit_student.html', params=params)
def render(self, template_name, data={}): """Renders the template in the site wide manner. Retrieves the template data needed for the base template (login URL and text, user information, etc.) and merges it with the data passed to the method. Templates are retrieved from the template directory specified in the settings and appended with the suffix ".html" Arguments: template_name: the name of the template. this is the file name of the template without the .html extension. data: a dictionary containing data to be passed to the template. """ (login_text, login_url) = auth.login_logout(self.request) if auth.logged_in(): data['user'] = auth.User(auth.current_user()) data['admin'] = auth.user_is_admin() data['login_url'] = login_url data['login_text'] = login_text data['messages'] = Messages.get() path = os.path.join(settings.BASE_DIR, settings.TEMPLATE_DIR, "%s.html" % template_name) return self.response.out.write(template.render(path, data))
def delete(self, key): """Deletes a project idea.""" if auth.user_is_admin(): Idea.get(key).delete() else: Messages.add('Only and administrator may delete submitted ' + 'ideas. This incident has been logged.') return self.redirect('/ideas')
def delete(self, key): """Deletes a group.""" if auth.user_is_admin(): Group.get(key).delete() else: Messages.add('Only an administrator may delete groups. This ' + 'incident has been logged.') return self.redirect('/groups')
def delete(self, key): """Deletes a project.""" if auth.user_is_admin(): Project.get(key).delete() else: Messages.add('Only and administrator may delete projects. This ' + 'incident has been logged.') return self.redirect('/projects')
def update_group(self, key): if not auth.logged_in(): return self.redirect('/groups') user = auth.current_user() group = Group.get(key) if group.owner.user_id() != user.user_id() and not auth.user_is_admin(): Messages.add('Only the owner of the group owner may modify it') return self.redirect('/groups') name = self.request.get('name') public = self.request.get('public') == 'public' abandon = self.request.get('abandon-project') sub_text = self.request.get('submission-text') sub_url = self.request.get('submission-url') remove_submission = self.request.get_all('remove-submission') remove = self.request.get_all('remove') owner = self.request.get('owner') delete = self.request.get('delete') if delete: group.delete() return self.redirect('/groups') group.name = name group.public = public if abandon: group.project = None if sub_text and sub_url: Submission(text=sub_text, url=sub_url, group=group).put() for sub in Submission.get(remove_submission): sub.delete() pending = list(group.pending_users) for user in pending: approve = self.request.get("approve-%s" % user) if approve == "approve": group.members.append(user) group.pending_users.remove(user) elif approve == "refuse": group.pending_users.remove(user) group.owner = auth.user_from_email(owner) for user in remove: if auth.user_from_email(user) == group.owner: Messages.add('Cannot remove the group owner') return self.redirect('/groups/%s/edit' % key) else: group.members.remove(auth.user_from_email(user)) group.put() return self.redirect('/groups/%s' % key)
def edit(self, key): if not auth.logged_in(): return self.redirect('/groups') user = auth.current_user() group = Group.get(key) if group.owner.user_id() == user.user_id() or auth.user_is_admin(): return self.render('groups_edit', { 'group': group }) else: Messages.add('Only the owner of this group may edit it') return self.redirect('/groups/%s' % key)
def edit(self, key): """Displays the group moderation form.""" if not auth.logged_in(): return self.redirect('/groups') user = auth.current_user() group = Group.get(key) if group.owner.user_id() == user.user_id() or auth.user_is_admin(): return self.render('groups_edit', {'group': group}) else: Messages.add('Only the owner of this group may edit it') return self.redirect('/groups/%s' % key)
def approve(self, key): if auth.user_is_admin(): idea = Idea.get(key) Project(name=idea.name, description=idea.description, author=idea.author, post_time=idea.post_time).put() idea.delete() return self.redirect('/projects') else: Messages.add('Only and administrator may approve submitted ' + 'ideas. This incident has been logged.') return self.redirect('/ideas')
def approve(self, key): """Promotes a project idea to an accepted project.""" if auth.user_is_admin(): idea = Idea.get(key) Project(name=idea.name, description=idea.description, author=idea.author, post_time=idea.post_time).put() idea.delete() return self.redirect('/projects') else: Messages.add('Only and administrator may approve submitted ' + 'ideas. This incident has been logged.') return self.redirect('/ideas')
def ideas(request): if request.method == "GET": (login_text, login_url) = auth.login_logout(request) idea_list = Idea.objects.all().order_by("-post_time") return basic_response( "apps/ideas.html", request, {"admin": auth.user_is_admin(), "ideas": idea_list, "login_url": login_url, "login_text": login_text}, ) elif request.method == "POST": idea = Idea() idea.name = request.POST["name"] idea.description = request.POST["description"] idea.author = auth.current_user() idea.save() return HttpResponseRedirect(reverse("apps.views.ideas")) else: raise Http404
def update_group(self, key): """Updates a group with information from the moderation form. Form Variables: name: the name of the group public: true if the group should be joinable by the public abandon-project: true if the group moderator wants to abandon the current project submission-text: the text to be displayed for the new submission submission-url: the URL of the new submission remove-submission: a list of submissions to be removed remove: a list of users to be removed from the group owner: the owner of the group delete: true if the group moderator wants to disband the group """ if not auth.logged_in(): return self.redirect('/groups') user = auth.current_user() group = Group.get(key) if (group.owner.user_id() != user.user_id() and not auth.user_is_admin()): Messages.add('Only the owner of the group owner may modify it') return self.redirect('/groups') name = self.request.get('name') public = self.request.get('public') == 'public' abandon = self.request.get('abandon-project') sub_text = self.request.get('submission-text') sub_url = self.request.get('submission-url') remove_submission = self.request.get_all('remove-submission') remove = self.request.get_all('remove') owner = self.request.get('owner') delete = self.request.get('delete') if delete: group.delete() return self.redirect('/groups') group.name = name group.public = public if abandon: group.project = None if sub_text and sub_url: Submission(text=sub_text, url=sub_url, group=group).put() for sub in Submission.get(remove_submission): sub.delete() pending = list(group.pending_users) for user in pending: approve = self.request.get("approve-%s" % user) if approve == "approve": group.members.append(user) group.pending_users.remove(user) elif approve == "refuse": group.pending_users.remove(user) group.owner = auth.user_from_email(owner) for user in remove: if auth.user_from_email(user) == group.owner: Messages.add('Cannot remove the group owner') return self.redirect('/groups/%s/edit' % key) else: group.members.remove(auth.user_from_email(user)) group.put() return self.redirect('/groups/%s' % key)