def suggestion_page(suggestion_id):
# user must have the role "edit_journal"
if not current_user.has_role("edit_suggestion"):
abort(401)
# get the journal, so we can check our permissions against it
s = models.Suggestion.pull(suggestion_id)
if s is None:
abort(404)
# flag which we can set to determine whether this user can access the editorial
# features of the journal form
editorial_available = False
# user must be either the "admin.editor" of the journal, or the editor of the "admin.editor_group"
# is the user the currently assigned editor of the journal?
passed = False
if s.editor == current_user.id:
passed = True
# now check whether the user is the editor of the editor group
# and simultaneously determine whether they have editorial rights
# on this journal
eg = models.EditorGroup.pull_by_key("name", s.editor_group)
if eg is not None and eg.editor == current_user.id:
passed = True
editorial_available = True
# if the user wasn't the editor or the owner of the editor group, unauthorised
if not passed:
abort(401)
# create the list of allowable editors for this journal (the editor
# and all the associates in this editor group)
# egs = models.EditorGroup.groups_by_editor(current_user.id)
editors = [current_user.id]
editors += eg.associates
editors = list(set(editors))
return suggestion_handler.request_handler(
request,
suggestion_id,
redirect_route="editor.suggestion_page",
template="editor/suggestion.html",
locked_template="editor/suggestion_locked.html",
editors=editors,
editorial_available=editorial_available,
status_options="editor")
def suggestion_page(suggestion_id):
# user must have the role "edit_journal"
if not current_user.has_role("edit_suggestion"):
abort(401)
# get the journal, so we can check our permissions against it
s = models.Suggestion.pull(suggestion_id)
if s is None:
abort(404)
# flag which we can set to determine whether this user can access the editorial
# features of the journal form
editorial_available = False
# user must be either the "admin.editor" of the journal, or the editor of the "admin.editor_group"
# is the user the currently assigned editor of the journal?
passed = False
if s.editor == current_user.id:
passed = True
# now check whether the user is the editor of the editor group
# and simultaneously determine whether they have editorial rights
# on this journal
eg = models.EditorGroup.pull_by_key("name", s.editor_group)
if eg is not None and eg.editor == current_user.id:
passed = True
editorial_available = True
# if the user wasn't the editor or the owner of the editor group, unauthorised
if not passed:
abort(401)
# create the list of allowable editors for this journal (the editor
# and all the associates in this editor group)
# egs = models.EditorGroup.groups_by_editor(current_user.id)
editors = [current_user.id]
editors += eg.associates
editors = list(set(editors))
return suggestion_handler.request_handler(request, suggestion_id, redirect_route="editor.suggestion_page",
template="editor/suggestion.html", locked_template="editor/suggestion_locked.html", editors=editors,
editorial_available=editorial_available, status_options="editor")
def suggestion_page(suggestion_id):
return suggestion_handler.request_handler(request, suggestion_id, group_editable=True, editorial_available=True, status_options="admin")
