def report_info(report_id):
    """Render the management page for a single incident report.

    Aborts with 404 when no report has the given id, and with 403 when the
    current user is neither the report's owner nor an admin or agency worker.
    """
    report = IncidentReport.query.filter_by(id=report_id).first()
    if report is None:
        abort(404)

    # Access rule: owners may view their own report; admins and agency
    # workers may view any report.
    # NOTE(review): the agency-worker check is not scoped to the worker's own
    # agencies, while view_reports lists only reports of affiliated agencies.
    # Confirm that letting any agency worker open any report id is intended.
    has_staff_role = current_user.is_admin() or current_user.is_agency_worker()
    if not has_staff_role and report.user_id != current_user.id:
        abort(403)

    return render_template('reports/manage_report.html', report=report)
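def view_reports():
    """View all idling incident reports.

    Admins can see all reports. Agency workers can see reports for their
    affiliated agencies. General users do not have access to this page and
    receive a 403.
    """
    if current_user.is_admin():
        incident_reports = IncidentReport.query.all()
        agencies = Agency.query.all()
    elif current_user.is_agency_worker():
        agencies = current_user.agencies
        incident_reports = []
        for agency in agencies:
            incident_reports.extend(agency.incident_reports)
    else:
        # Fail closed: without this branch incident_reports was never bound
        # for a general user, so the request died with an unhandled
        # UnboundLocalError instead of an explicit access-denied response.
        abort(403)

    # TODO test using real data
    return render_template('reports/reports.html', reports=incident_reports,
                           agencies=agencies)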