def can_create_election(request):
user = get_user(request)
if not user:
return False
if helios.ADMIN_ONLY:
return user.admin_p
else:
return user.can_create_election()
def election_admin_wrapper(request, election_uuid=None, *args, **kw):
election = get_election_by_uuid(election_uuid)
user = get_user(request)
if not user_can_admin_election(user, election):
raise PermissionDenied()
# do checks
do_election_checks(election, checks)
return func(request, election, *args, **kw)
def render_template(request, template_name, values=None):
vars_with_user = values.copy() if values is not None else {}
vars_with_user["user"] = get_user(request)
vars_with_user["settings"] = settings
vars_with_user["CURRENT_URL"] = request.path
# csrf protection
if "csrf_token" in request.session:
vars_with_user["csrf_token"] = request.session["csrf_token"]
return render(request, "server_ui/templates/%s.html" % template_name,
vars_with_user)
def prepare_vars(request, values):
vars_with_user = values.copy() if values is not None else {}
vars_with_user["user"] = get_user(request)
# csrf protection
if "csrf_token" in request.session:
vars_with_user["csrf_token"] = request.session["csrf_token"]
vars_with_user["utils"] = utils
vars_with_user["settings"] = settings
vars_with_user["HELIOS_STATIC"] = "/static/helios/helios"
vars_with_user["TEMPLATE_BASE"] = TEMPLATE_BASE
vars_with_user["CURRENT_URL"] = request.path
vars_with_user["SECURE_URL_HOST"] = settings.SECURE_URL_HOST
return vars_with_user
def user_can_see_election(request, election):
user = get_user(request)
if not election.private_p:
return True
# election is private
# but maybe this user is the administrator?
if user_can_admin_election(user, election):
return True
# or maybe this is a trustee of the election?
trustee = get_logged_in_trustee(request)
if trustee and trustee.election.uuid == election.uuid:
return True
# then this user has to be a voter
return get_voter(request, user, election) is not None
def home(request):
# load the featured elections
featured_elections = Election.get_featured()
user = get_user(request)
create_p = can_create_election(request)
if create_p:
elections_administered = Election.get_by_user_as_admin(
user, archived_p=False, limit=5)
else:
elections_administered = None
if user:
elections_voted = Election.get_by_user_as_voter(user, limit=5)
else:
elections_voted = None
auth_systems = copy.copy(settings.AUTH_ENABLED_SYSTEMS)
try:
auth_systems.remove("password")
except:
pass
login_box = auth_views.login_box_raw(request,
return_url="/",
auth_systems=auth_systems)
return render_template(
request,
"index",
{
"elections": featured_elections,
"elections_administered": elections_administered,
"elections_voted": elections_voted,
"create_p": create_p,
"login_box": login_box,
},
)