def _new(self):
person_results = self.form_result['person']
proposal_results = self.form_result['proposal']
attachment_results = self.form_result['attachment']
proposal_results['status'] = ProposalStatus.find_by_name('Pending')
c.proposal = Proposal(**proposal_results)
meta.Session.add(c.proposal)
if not h.signed_in_person():
c.person = model.Person(**person_results)
meta.Session.add(c.person)
email(c.person.email_address,
render('/person/new_person_email.mako'))
else:
c.person = h.signed_in_person()
for key in person_results:
setattr(c.person, key, self.form_result['person'][key])
c.person.proposals.append(c.proposal)
if attachment_results is not None:
c.attachment = Attachment(**attachment_results)
c.proposal.attachments.append(c.attachment)
meta.Session.add(c.attachment)
meta.Session.commit()
email(c.person.email_address,
render('proposal/thankyou_mini_email.mako'))
h.flash("Proposal submitted!")
return redirect_to(controller='proposal', action="index", id=None)
def delete(self, id):
c.attachment = Attachment.find_by_id(id)
c.proposal = Proposal.find_by_id(c.attachment.proposal_id)
if not h.auth.authorized(h.auth.has_organiser_role):
authorized = False
for person in c.proposal.people:
if person.id == h.signed_in_person().id:
authorized = True
break
if not authorized:
# Raise a no_auth error
h.auth.no_role()
return render('/attachment/confirm_delete.mako')
def delete(self, id):
c.attachment = Attachment.find_by_id(id)
c.proposal = Proposal.find_by_id(c.attachment.proposal_id)
if not h.auth.authorized(h.auth.has_organiser_role):
authorized = False
for person in c.proposal.people:
if person.id == h.signed_in_person().id:
authorized = True
break
if not authorized:
# Raise a no_auth error
h.auth.no_role()
return render("/attachment/confirm_delete.mako")
def _delete(self, id):
c.attachment = Attachment.find_by_id(id)
proposal = Proposal.find_by_id(c.attachment.proposal_id)
if not h.auth.authorized(h.auth.has_organiser_role):
authorized = False
for person in proposal.people:
if person.id == h.signed_in_person().id:
authorized = True
break
if not authorized:
# Raise a no_auth error
h.auth.no_role()
meta.Session.delete(c.attachment)
meta.Session.commit()
h.flash("Attachment Deleted")
redirect_to(controller='proposal', action='view', id=proposal.id)
def _delete(self, id):
c.attachment = Attachment.find_by_id(id)
proposal = Proposal.find_by_id(c.attachment.proposal_id)
if not h.auth.authorized(h.auth.has_organiser_role):
authorized = False
for person in proposal.people:
if person.id == h.signed_in_person().id:
authorized = True
break
if not authorized:
# Raise a no_auth error
h.auth.no_role()
meta.Session.delete(c.attachment)
meta.Session.commit()
h.flash("Attachment Deleted")
redirect_to(controller="proposal", action="view", id=proposal.id)
def _new(self):
if c.cfp_status == 'closed':
if not h.auth.authorized(
h.auth.Or(h.auth.has_organiser_role,
h.auth.has_late_submitter_role)):
return render("proposal/closed.mako")
elif c.cfp_status == 'not_open':
return render("proposal/not_open.mako")
person_results = self.form_result['person']
proposal_results = self.form_result['proposal']
attachment_results = self.form_result['attachment']
proposal_results['status'] = ProposalStatus.find_by_name('Pending')
c.proposal = Proposal(**proposal_results)
c.proposal.abstract = self.clean_abstract(c.proposal.abstract)
meta.Session.add(c.proposal)
if not h.signed_in_person():
c.person = model.Person(**person_results)
meta.Session.add(c.person)
email(c.person.email_address,
render('/person/new_person_email.mako'))
else:
c.person = h.signed_in_person()
for key in person_results:
setattr(c.person, key, self.form_result['person'][key])
c.person.proposals.append(c.proposal)
if attachment_results is not None:
attachment = Attachment(**attachment_results)
c.proposal.attachments.append(attachment)
meta.Session.add(attachment)
meta.Session.commit()
email(c.person.email_address, render('proposal/thankyou_email.mako'))
h.flash("Proposal submitted!")
return redirect_to(controller='proposal', action="index", id=None)
def _attach(self, id):
"""Attach a file to the proposal.
"""
# We need to recheck auth in here so we can pass in the id
if not h.auth.authorized(
h.auth.Or(h.auth.is_same_zookeepr_submitter(id),
h.auth.has_organiser_role)):
# Raise a no_auth error
h.auth.no_role()
c.proposal = Proposal.find_by_id(id)
attachment_results = self.form_result['attachment']
attachment = Attachment(**attachment_results)
c.proposal.attachments.append(attachment)
meta.Session.commit()
h.flash("File was attached")
return redirect_to(action='view', id=id)
def view(self, id):
attachment = Attachment.find_by_id(id)
proposal = Proposal.find_by_id(attachment.proposal_id)
if not h.auth.authorized(h.auth.has_organiser_role):
authorized = False
for person in proposal.people:
if h.auth.is_same_zookeepr_user(person.id):
authorized = True
break
if not authorized:
# Raise a no_auth error
h.auth.no_role()
response.headers["content-type"] = attachment.content_type.encode("ascii", "ignore")
response.headers.add("content-transfer-encoding", "binary")
response.headers.add("content-length", len(attachment.content))
response.headers["content-disposition"] = 'attachment; filename="%s";' % attachment.filename.encode(
"ascii", "ignore"
)
response.headers.add("Pragma", "cache")
response.headers.add("Cache-Control", "max-age=3600,public")
return attachment.content
def view(self, id):
attachment = Attachment.find_by_id(id)
proposal = Proposal.find_by_id(attachment.proposal_id)
if not h.auth.authorized(h.auth.has_organiser_role):
authorized = False
for person in proposal.people:
if h.auth.is_same_zookeepr_user(person.id):
authorized = True
break
if not authorized:
# Raise a no_auth error
h.auth.no_role()
response.headers['content-type'] = attachment.content_type.encode(
'ascii', 'ignore')
response.headers.add('content-transfer-encoding', 'binary')
response.headers.add('content-length', len(attachment.content))
response.headers[
'content-disposition'] = 'attachment; filename="%s";' % attachment.filename.encode(
'ascii', 'ignore')
response.headers.add('Pragma', 'cache')
response.headers.add('Cache-Control', 'max-age=3600,public')
return attachment.content
