def delete(self, id): c.review = Review.find_by_id(id) if c.review.reviewer.id != h.signed_in_person().id: # Raise a no_auth error h.auth.no_role() return render('/review/confirm_delete.mako')
def _delete(self, id): c.review = Review.find_by_id(id) if c.review.reviewer.id != h.signed_in_person().id: # Raise a no_auth error h.auth.no_role() meta.Session.delete(c.review) meta.Session.commit() h.flash("Review Deleted") redirect_to(controller='review', action='index')
def _edit(self, id): c.review = Review.find_by_id(id) self._is_reviewer() for key in self.form_result['review']: setattr(c.review, key, self.form_result['review'][key]) # update the objects with the validated form data meta.Session.commit() h.flash("Review has been edited!") redirect_to(action='view', id=id)
def edit(self, id): c.form = 'edit' c.review = Review.find_by_id(id) self._is_reviewer() c.proposal = c.review.proposal defaults = h.object_to_defaults(c.review, 'review') if defaults['review.score'] == 1 or defaults['review.score'] == 2: defaults['review.score'] = '+%s' % defaults['review.score'] c.signed_in_person = h.signed_in_person() form = render('/review/edit.mako') return htmlfill.render(form, defaults)
def view(self, id): c.review = Review.find_by_id(id) # TODO: currently not enough (see TODOs in model/proposal.py) #if not h.auth.authorized(h.auth.has_organiser_role): # # You can't review your own proposal # for person in c.review.proposal.people: # if person.id == h.signed_in_person().id: # h.auth.no_role() if c.review is None: redirect_to(action='index') return render('review/view.mako')