def AuthenticatedPost(self, authenticated_org, event):
        form = primary_contact_db.ContactFormFull(self.request.POST)
        org_id = self.request.get("choose_organization")  # TODO: is this intended?
        try:
            id = int(org_id)
            org = organization.Organization.get_by_id(id)
        except:
            return

        # validate form and save if successful
        if form.validate():
            contact = primary_contact_db.Contact(
                first_name=form.first_name.data,
                last_name=form.last_name.data,
                title=form.title.data,
                phone=form.phone.data,
                email=form.email.data,
                is_primary = bool(form.is_primary.data),
                organization = org.key(),
            )
            primary_contact_db.PutAndCache(contact, ten_minutes)
            self.redirect("/organization-settings?message=Contact created. It may take a few moments for the contact to show up on your list.")
            return
        else:
            self.response.out.write(template.render({
                "form": form,
                "organization_list": self._get_org_list(org),
            }))
            return
def PutAndCacheOrganizationAndContact(organization, contact_or_contacts):
    PutAndCache(organization, ten_minutes)

    # handle one or more contacts
    try:
        contacts = iter(contact_or_contacts)
    except TypeError:
        contacts = [contact_or_contacts]
    for contact in contacts:
        contact.organization = organization.key()
        primary_contact_db.PutAndCache(contact, ten_minutes)
    def AuthenticatedPost(self, org, event):
        global_admin = False
        local_admin = False
        if org.name == GLOBAL_ADMIN_NAME:
            global_admin = True
        if org.is_admin == True and global_admin == False:
            local_admin = True

        if global_admin == False and local_admin == False:
            self.redirect("/")
            return

        if self.request.get("create_contact"):
            data = primary_contact_db.ContactFormFull(self.request.POST)
            if data.validate():
                organization_id = self.request.get("choose_organization")
                try:
                    id = int(organization_id)
                except:
                    return
                this_organization = organization.Organization.get_by_id(id)
                if not org.may_administer(this_organization):
                    self.abort(403)
                contact = primary_contact_db.Contact(
                    first_name=data.first_name.data,
                    last_name=data.last_name.data,
                    title=data.title.data,
                    phone=data.phone.data,
                    email=data.email.data,
                    is_primary=bool(data.is_primary.data),
                    organization=this_organization.key(),
                )
                primary_contact_db.PutAndCache(contact, ten_minutes)
                self.redirect(
                    "/admin-create-contact?selected_org=%s&message=Contact Created"
                    % this_organization.key().id())
                return
            else:
                #query_string = "SELECT * FROM Event"
                #events_list = db.GqlQuery(query_string)
                suggested_password = random_password.generate_password()
                query_string = "SELECT * FROM Organization"
                organization_list = db.GqlQuery(query_string)

                self.response.out.write(
                    template.render({
                        "form": data,
                        "errors": data.errors,
                        "create_contact": True,
                        "organization_list": organization_list,
                    }))
                return

        if self.request.get("create_admin"):
            data = organization.OrganizationAdminForm(self.request.POST)
            event_id = self.request.get("choose_event")
            try:
                id = int(event_id)
            except:
                return
            this_event = event_db.Event.get_by_id(id)
            if local_admin:
                if not this_event.key() == event.key():
                    self.redirect("/")
                    return

            if data.validate():
                new_org = organization.Organization(
                    name=data.name.data,
                    email=data.email.data,
                    phone=data.phone.data,
                    address=data.address.data,
                    city=data.city.data,
                    state=data.state.data,
                    zip_code=data.zip_code.data,
                    physical_presence=True,
                    number_volunteers="0",
                    voad_member=False,
                    org_verified=True,
                    twitter=data.twitter.data,
                    url=data.url.data,
                    facebook=data.facebook.data,
                    incidents=[this_event.key()],
                    password=self.request.get("password"),
                    is_active=True,
                    is_admin=True,
                )

                # set all phase fields true for admin
                for phase_name in new_org.get_phase_boolean_names():
                    setattr(new_org, phase_name, True)

                new_contact = primary_contact_db.Contact(
                    first_name=data.contact_first_name.data,
                    last_name=data.contact_last_name.data,
                    title=data.contact_title.data,
                    email=data.contact_email.data,
                    phone=data.contact_phone.data,
                    is_primary=True)

                organization.PutAndCacheOrganizationAndContact(
                    organization=new_org,
                    contact=new_contact,
                )
                self.redirect("/admin?message=Admin Created")
                return
            else:
                # needs events lists, password, errors
                query_string = "SELECT * FROM Event"
                suggested_password = random_password.generate_password()
                self.response.out.write(
                    template.render({
                        "form": data,
                        "errors": data.errors,
                        "create_admin": True,
                        #"events_list": events_list,
                        "auto_password": suggested_password,
                    }))
                return

        if self.request.get("delete_org_id"):
            # delete organization
            try:
                id = int(self.request.get("delete_org_id"))
                org_by_id = organization.Organization.get_by_id(id)
            except:
                self.abort(400)

            if not org.may_administer(org_by_id):
                self.abort(403)

            primary_contact_db.RemoveOrgFromContacts(org_by_id)
            db.delete(org_by_id)
            self.redirect("/admin")
            return

        if self.request.get("delete_contact_id"):
            # delete contact
            try:
                id = int(self.request.get("delete_contact_id"))
                contact_by_id = primary_contact_db.Contact.get_by_id(id)
            except:
                self.abort(400)

            if not org.may_administer(org_by_id):
                self.abort(403)

            db.delete(contact_by_id)
            self.redirect("/admin")
            return

        if self.request.get("verify_organization"):
            # verify organization
            try:
                id = int(self.request.get("verify_organization"))
                org_by_id = organization.Organization.get_by_id(id)
            except:
                self.abort(400)

            # check we are allowed
            if not org.may_administer(org_by_id):
                self.abort(403)

            # perform verification
            org_by_id.verify()

            # cache
            organization.PutAndCache(org_by_id, 600)
            self.redirect("/admin")
            return

        if self.request.get("save_org_id"):
            # save org (?)
            try:
                id = int(self.request.get("save_org_id"))
                org_by_id = organization.Organization.get_by_id(id)
            except:
                self.abort(400)

            if not org.may_administer(org_by_id):
                self.abort(403)

            org_by_id.org_verified = True
            organization.PutAndCache(org_by_id, 600)
            self.redirect("/admin")
            return
Example #4
0
    def AuthenticatedPost(self, org, event):
        authenticated_org = org
        try:
            id = int(self.request.get("edit_contact_final"))
        except:
            self.response.set_status(400)
            return
        org_id = None
        org_key = None

        # check to see if organization was edited
        if self.request.get("organization") != "None":
            try:
                org_id = int(self.request.get("organization"))
            except:
                self.response.set_status(400)
                return
            org = organization.Organization.get_by_id(org_id)
            org_key = org.key()

        ###########################

        this_contact = primary_contact_db.Contact.get(
            db.Key.from_path('Contact', id))

        # abort if not authorised to update this contact: must match the authenticated org
        if this_contact.organization.key() != authenticated_org.key():
            self.abort(403)

        # abort if from another incident
        if event.key() not in (inc.key()
                               for inc in this_contact.organization.incidents):
            self.abort(403)

        data = primary_contact_db.ContactFormFull(self.request.POST)
        if data.validate():
            contact = this_contact
            contact.first_name = data.first_name.data
            contact.last_name = data.last_name.data
            contact.title = data.title.data
            contact.phone = data.phone.data
            contact.email = data.email.data
            if org_key is not None:
                contact.organization = org_key
            contact.is_primary = bool(data.is_primary.data)
            primary_contact_db.PutAndCache(contact, ten_minutes)
            self.redirect(
                "/organization-settings?message=Edit complete. It may take a few moments to see changes."
            )
            return
        else:
            try:
                id = int(self.request.get("edit_contact_final"))
            except:
                self.response.set_status(400)
                return
            contact = primary_contact_db.Contact.get_by_id(id)
            form = primary_contact_db.ContactFormFull(
                first_name=contact.first_name,
                last_name=contact.last_name,
                title=contact.title,
                phone=contact.phone,
                email=contact.email,
                is_primary=int(contact.is_primary))
            self.response.out.write(
                template.render({
                    "edit_contact_id": id,
                    "form": form,
                    "errors": data.errors
                }))
            return