def view_post(post_id):
if 'username' not in flask.session:
return flask.abort(403)
user_id = auth_utils.get_user_id(flask.session['username'])
post = helpers.get_post(post_id)
if not groups.is_user_in_group(user_id, post['group_id']):
return flask.abort(403)
return flask.render_template('view_post.html', post=post)
def is_admin():
"""
Checks if user can control the settings.
"""
if 'username' not in flask.session:
return False
user_id = auth_utils.get_user_id(flask.session['username'])
ascit_id = groups.get_group_id('ASCIT')
return auth_utils.is_admin() or groups.is_user_in_group(user_id, ascit_id)
def all_posts(group_id):
if 'username' not in flask.session:
return flask.abort(403)
user_id = auth_utils.get_user_id(flask.session['username'])
if not groups.is_user_in_group(user_id, group_id):
return flask.abort(403)
group_name = groups.get_group_data(group_id, ['group_name'])['group_name']
return flask.render_template('all_posts.html',
group_id=group_id,
group_name=group_name,
messages=helpers.get_past_messages(
group_id, 50))
def view_group(group_id):
if 'username' not in flask.session:
return flask.abort(403)
user_id = auth_utils.get_user_id(flask.session['username'])
actions = helpers.get_user_actions(user_id, group_id)
fields = [
'group_id', 'group_name', 'group_desc', 'anyone_can_send', 'visible'
]
group_info = groups.get_group_data(group_id, fields)
applications = None
if actions['control']:
applications = helpers.get_applications(group_id)
messages = None
member = groups.is_user_in_group(user_id, group_id)
if member:
messages = helpers.get_past_messages(group_id)
return flask.render_template('group.html',
group=group_info,
member=member,
actions=actions,
messages=messages,
owners=helpers.get_owners(group_id),
applications=applications)
def allowed_to_take(user_id):
return lambda survey: survey['group_id'] is None or is_user_in_group(
user_id, survey['group_id'])