def can_touch(assessment):
if current_user.is_anonymous() and not EU_ASSESSMENT_MODE:
return False
if not assessment:
return EU_ASSESSMENT_MODE or admin_perm.can() or nat_perm.can() or etc_perm.can() or (
sta_perm.can() and not consultation_ended())
return EU_ASSESSMENT_MODE or admin_perm.can() or etc_perm.can() or (
assessment.user == current_user and not sta_cannot_change())
def can_touch(assessment):
if current_user.is_anonymous() and not EU_ASSESSMENT_MODE:
return False
if not assessment:
return EU_ASSESSMENT_MODE or admin_perm.can() or nat_perm.can(
) or etc_perm.can() or (sta_perm.can() and not consultation_ended())
return EU_ASSESSMENT_MODE or admin_perm.can() or etc_perm.can() or (
assessment.user == current_user and not sta_cannot_change())
def can_delete(record):
if EU_ASSESSMENT_MODE:
return True
if current_user.is_anonymous():
return False
if record.dataset.is_readonly:
return False
if record.user_id == current_user.id:
return not sta_cannot_change()
def can_delete(record):
if EU_ASSESSMENT_MODE:
return True
if current_user.is_anonymous():
return False
if record.dataset.is_readonly:
return False
if record.user_id == current_user.id:
return not sta_cannot_change()
def change_details():
from art17.auth import current_user
if current_user.is_anonymous():
flask.flash('You need to login to access this page.')
return flask.redirect(flask.url_for(HOMEPAGE_VIEW_NAME))
else:
from art17.forms import ChangeDetailsForm
form = ChangeDetailsForm(flask.request.form, current_user)
if form.validate_on_submit():
flask.flash('Details updated successfully!', 'success')
form.populate_obj(current_user)
db.session.commit()
return flask.render_template('change_details.html', **{
'form': form,
})
def change_details():
from art17.auth import current_user
if current_user.is_anonymous():
flask.flash('You need to login to access this page.')
return flask.redirect(flask.url_for(HOMEPAGE_VIEW_NAME))
else:
from art17.forms import ChangeDetailsForm
form = ChangeDetailsForm(flask.request.form, current_user)
if form.validate_on_submit():
flask.flash('Details updated successfully!', 'success')
form.populate_obj(current_user)
db.session.commit()
return flask.render_template('change_details.html', **{
'form': form,
})
def can_edit(record):
if EU_ASSESSMENT_MODE:
return True
if current_user.is_anonymous():
return False
if record.deleted:
return False
if record.dataset.is_readonly:
return False
if record.user_id == current_user.id:
if sta_cannot_change():
return False
return True
return etc_perm.can() or admin_perm.can()
def can_edit(record):
if EU_ASSESSMENT_MODE:
return True
if current_user.is_anonymous():
return False
if record.deleted:
return False
if record.dataset.is_readonly:
return False
if record.user_id == current_user.id:
if sta_cannot_change():
return False
return True
return etc_perm.can() or admin_perm.can()
def change_password():
if current_user.is_anonymous():
message = "You must log in before changing your password."
return render_template('message.html', message=message)
if current_user.is_ldap:
message = (
'Your password can be changed only from the EIONET website ' +
'(' + os.environ.get('EEA_PASSWORD_RESET') + ').')
return render_template('message.html', message=message)
form = ChangePasswordForm()
if form.validate_on_submit():
change_user_password(current_user, form.new_password.data)
models.db.session.commit()
msg = "Your password has been changed. Please log in again."
flash(msg, 'success')
return redirect(url_for(HOMEPAGE_VIEW_NAME))
return render_template('auth/change_password.html', **{
'form': form,
})
def get_context(self):
factsheet_url = ''
map_url = ''
map_warning = ''
period = self.dataset.id if self.dataset else 0
subject = request.args.get('subject')
region = request.args.get('region')
url_kwargs = dict(period=period, subject=subject, region=region)
if subject:
speciescode_row = (EtcDataSpeciesRegion.query.filter_by(
subject=subject).filter_by(dataset_id=period).first())
speciescode = speciescode_row.mapcode if speciescode_row else None
sensitive = False
sensitive_records = get_sensitive_records(speciescode)
if sensitive_records:
if current_user.is_anonymous():
map_warning = ', '.join(
[s.eu_country_code for s in sensitive_records])
else:
sensitive = True
if speciescode:
map_url = generate_map_url(
category='species',
subject=speciescode,
region=region,
sensitive=sensitive,
)
factsheet_url = generate_factsheet_url(
category='species',
subject=subject,
period=period,
)
return {
'groups_url':
url_for('common.species-groups'),
'subjects_url':
url_for('.species-summary-species'),
'regions_url':
url_for('.species-summary-regions'),
'comments_endpoint':
'comments.species-comments',
'edit_endpoint':
'.species-summary',
'delete_endpoint':
'.species-delete',
'update_endpoint':
'.species-update',
'datasheet_url':
url_for('wiki.datasheet', page='species', **url_kwargs),
'audittrail_url':
url_for('wiki.audittrail', page='species', **url_kwargs),
'audittrail_merged_url':
url_for('wiki.audittrail-merged', page='species', **url_kwargs),
'progress_endpoint':
'progress.species-progress',
'get_title_for_country':
get_title_for_species_country,
'wiki_unread':
self.wiki_unread,
'map_url':
map_url,
'factsheet_url':
factsheet_url,
'map_warning':
map_warning,
'get_tooltip':
get_tooltip_for_species,
'favourable_ref_title':
favourable_ref_title_species,
}
def can_manage_comment(dataset):
if not dataset or dataset.is_readonly:
return False
return not current_user.is_anonymous()
def can_add_comment(comments, revisions, dataset):
if not dataset or dataset.is_readonly or sta_cannot_change():
return False
is_author = current_user in [cmnt.author for cmnt in comments]
return not (current_user.is_anonymous() or is_author) and revisions
def can_add_comment(comments, revisions, dataset):
if not dataset or dataset.is_readonly or sta_cannot_change():
return False
is_author = current_user in [cmnt.author for cmnt in comments]
return not (current_user.is_anonymous() or is_author) and revisions
def can_manage_comment(dataset):
if not dataset or dataset.is_readonly:
return False
return not current_user.is_anonymous()
def get_context(self):
factsheet_url = ''
map_url = ''
map_warning = ''
period = self.dataset.id if self.dataset else 0
subject = request.args.get('subject')
region = request.args.get('region')
url_kwargs = dict(period=period, subject=subject, region=region)
if subject:
speciescode_row = (
EtcDataSpeciesRegion.query
.filter_by(subject=subject)
.filter_by(dataset_id=period)
.first()
)
speciescode = speciescode_row.mapcode if speciescode_row else None
sensitive = False
sensitive_records = get_sensitive_records(speciescode)
if sensitive_records:
if current_user.is_anonymous():
map_warning = ', '.join([s.eu_country_code for s in
sensitive_records])
else:
sensitive = True
if speciescode:
map_url = generate_map_url(
category='species',
subject=speciescode,
region=region,
sensitive=sensitive,
)
factsheet_url = generate_factsheet_url(
category='species',
subject=subject,
period=period,
)
return {
'groups_url': url_for('common.species-groups'),
'subjects_url': url_for('.species-summary-species'),
'regions_url': url_for('.species-summary-regions'),
'comments_endpoint': 'comments.species-comments',
'edit_endpoint': '.species-summary',
'delete_endpoint': '.species-delete',
'update_endpoint': '.species-update',
'datasheet_url': url_for('wiki.datasheet',
page='species',
**url_kwargs),
'audittrail_url': url_for('wiki.audittrail',
page='species',
**url_kwargs),
'audittrail_merged_url': url_for(
'wiki.audittrail-merged',
page='species',
**url_kwargs),
'progress_endpoint': 'progress.species-progress',
'get_title_for_country': get_title_for_species_country,
'wiki_unread': self.wiki_unread,
'map_url': map_url,
'factsheet_url': factsheet_url,
'map_warning': map_warning,
'get_tooltip': get_tooltip_for_species,
'favourable_ref_title': favourable_ref_title_species,
}