class DataSetController(BaseController): @expose('etl.templates.datasets.index') @require(predicates.not_anonymous()) def index(self): datasets = DBSession.query(DataSet).all() return dict(datasets=datasets) @expose('etl.templates.datasets.view') @expose(content_type="text/csv") @expose(content_type='application/json') @require(predicates.Any(predicates.not_anonymous(), is_api_authenticated())) @validate({'dataset': Convert(lambda v: DBSession.query(DataSet).filter_by(uid=v).one())}, error_handler=abort(404, error_handler=True)) def view(self, dataset, **kw): try: result = dataset.fetch() except Exception as e: log.exception('Failed to Retrieve Data') flash('ERROR: %s' % e, 'error') return dict(dataset=dataset, columns=[], results=[], count=0) if request.response_type == 'text/csv': return dateframe_to_csv(result) elif request.response_type == 'application/json': return dateframe_to_json(result) return dict( dataset=dataset, columns=list(result.columns), results=list(result.itertuples()), count=len(result), py2=py_version < 3 )
class OutputPlusController(RestController): allow_only = predicates.not_anonymous() @expose("json") @decode_params("json") def post(self, highlighted_text=u"", workspace=None, list_=[]): first_5_words = u" ".join(highlighted_text.split()) title = u" ".join(first_5_words.split(" ")[:5]) user = request.identity["user"] output = Output( _owner=user._id, _workspace=workspace, title=title, public=True, visible=True, html=highlighted_text, auto_generated=True, status=Output.STATUS.UNREAD, ) for o in list_: m = entity_from_id(_id=ObjectId(o[2:-1])) output.insert_content(m) DBSession.flush(output) return dict(_id=str(output._id), title=title, hash=output.hash)
def _default(self, page=None, *args, **kw): page_slug = dict(slug=page) hooks.notify('flatpages.before_override_template', args=(page_slug, self)) page = model.FlatPage.by_slug(page_slug['slug']) if page is None: abort(404, 'Page not found') permission = page.required_permission if permission and permission != 'public': if permission == 'not_anonymous': predicate = predicates.not_anonymous() else: predicate = predicates.has_permission(permission) if not predicate.is_met(request.environ): abort(403, 'Forbidden') try: userid = request.identity['user'].user_id except: userid = None override_template(RootController._default, page.template) hooks.notify('flatpages.after_override_template', (page, self)) return dict(page=page, tg_cache={'expire': self.CACHE_EXPIRE, 'key': '%s-%s-%s' % (page.slug, page.updated_at, userid)})
class OutputPlusController(RestController): allow_only = predicates.not_anonymous() @expose('json') @decode_params('json') def post(self, highlighted_text=u'', workspace=None, list_=[]): first_5_words = u' '.join(highlighted_text.split()) first_5_words = u' '.join(first_5_words.split(" ")[:5]) user = request.identity['user'] content = [] for elem in list_: type, _id = elem.split("_") _model = ResolveController.related_models[type] o = _model.query.get(ObjectId(_id)) content.append({ 'type': type, 'title': o.title, 'content': _id }) title = _(u'Output ') + first_5_words output = model.Output( _owner=user._id, _category=workspace, title=title, content=content, public=True, visible=True, html=highlighted_text ) return dict(_id=str(output._id), title=title)
class ContentController(StandardController): """ Class of controllers used for example in home to mark read the unread contents via mark_all_read() """ @classmethod def current_item_id_key_in_context(cls) -> str: return '' @tg.expose() def index(self): return dict() @require(predicates.not_anonymous()) @tg.expose() def mark_all_read(self): ''' Mark as read all the content that hasn't been read redirects the user to "/home" ''' user = tg.tmpl_context.current_user content_api = ContentApi(user) content_api.mark_read__all() tg.redirect("/home")
def _check_security(self): requirement = getattr(self, 'allow_only', None) if requirement is None: return True if hasattr(requirement, 'predicate'): # It is a full requirement, let it build the response requirement._check_authorization() return True # It is directly a predicate, build the response ourselves predicate = requirement try: predicate.check_authorization(tg.request.environ) except NotAuthorizedError as e: reason = unicode_text(e) if hasattr(self, '_failed_authorization'): # Should shortcircuit the rest, but if not we will still # deny authorization self._failed_authorization(reason) if not_anonymous().is_met(tg.request.environ): # The user is authenticated but not allowed. code = 403 status = 'error' else: # The user has not been not authenticated. code = 401 status = 'warning' tg.response.status = code flash(reason, status=status) abort(code, comment=reason)
def _default(self, page=None, *args, **kw): page = model.FlatPage.by_slug(page) if page is None: abort(404, 'Page not found') permission = page.required_permission if permission and permission != 'public': if permission == 'not_anonymous': predicate = predicates.not_anonymous() else: predicate = predicates.has_permission(permission) if not predicate.is_met(request.environ): abort(403, 'Forbidden') try: userid = request.identity['user'].user_id except: userid = None override_template(RootController._default, page.template) hooks.notify('flatpages.before_render_page', (page, )) return dict(page=page, tg_cache={ 'expire': self.CACHE_EXPIRE, 'key': '%s-%s-%s' % (page.slug, page.updated_at, userid) })
class SoundController(BaseController): allow_only = predicates.not_anonymous() def _before(self, *args, **kw): tmpl_context.project_name = "SpacePlayer" @expose('webplayer.templates.sound') def index(self): sounds = DBSession.query(Sound).all() return dict(page='sound', sounds=sounds) @expose('json') def gener_test_sounds(self, quantity): Sound.generation_test_data(int(quantity)) redirect('/sound') @expose('json') def clear_data(self): Sound.clear_data() redirect('/sound') @expose('json') def upload_files(self, directory): Sound.upload_files(directory) redirect('/sound')
class GroupsController(BaseController): allow_only = not_anonymous() @expose() def _lookup(self, group_id, *args): try: group_id = int(group_id) except ValueError: abort(404, "Not a valid group identifier.") user = request.identity['user'] group = DBSession.query(Group).get(group_id) if not group: abort(404, "No such group.") if user not in group.users and not user.admin: abort(403, "You are not a part of this group.") return GroupController(group), args @expose('algobowl.templates.group.select') @expose('json') def index(self): user = request.identity['user'] groups = [g for g in user.groups if g.competition.active] if len(groups) == 1 and request.response_type != 'application/json': redirect(url('/group/{}'.format(groups[0].id))) return {'groups': groups}
class RabbitController(BaseController): allow_only = predicates.not_anonymous() @expose('json') def countsessions(self, **kw): if "user" in kw: # url=app_globals.host_prefix+app_globals.stompHost+":15672/api/connections" # response = requests.get(url, auth=(app_globals.stompUserName, app_globals.stompPassword), verify=False) # count=0 # for item in response.json(): # user=item["user"] # if (user==request.identity['repoze.who.userid']): # count=count+1 count = 0 return dict(count=count) else: return dict(error="Missing user parameter") @expose('json') def createuser(self, **kw): if "user" in kw: newUser = kw["user"] url = app_globals.host_prefix + app_globals.stompHost + ":15672/api/users/" + newUser headers = {'Content-type': 'application/json'} data = '{"password":"******","tags":"none"}' r = requests.put(url, auth=(app_globals.stompUserName, app_globals.stompPassword), headers=headers, data=data, verify=False) url = app_globals.host_prefix + app_globals.stompHost + ":15672/api/permissions/%2f/" + newUser data = '{"configure":".*","write":".*","read":".*"}' r = requests.put(url, auth=(app_globals.stompUserName, app_globals.stompPassword), headers=headers, data=data, verify=False) return dict(status="User created") else: return dict(error="no parameters") @expose('json') def deleteuser(self, **kw): if "user" in kw: newUser = kw["user"] url = app_globals.host_prefix + app_globals.stompHost + ":15672/api/users/" + newUser headers = {'Content-type': 'application/json'} data = '{"password":"******","tags":"none"}' r = requests.delete(url, auth=(app_globals.stompUserName, app_globals.stompPassword), headers=headers, data=data, verify=False) return dict(status="User deleted") else: return dict(error="no parameters")
def index(self): """ Home page for not authorized users. """ from tg.predicates import not_anonymous if not_anonymous(): redirect('/start') return dict(page='index', pname=None)
def year_list(self): """Handle the 'main_user' page.""" users=DBSession.query(User).all() workers=DBSession.query(Worker).all() news_show=DBSession.query(News_show).all() freeday=DBSession.query(FreeDay).all() p = not_anonymous(msg='Only logged in users can read this post') return dict(page='year_list',bar='Alex',users=users, workers=workers,news=news_show, freeday=freeday)
class PresentationsController(BaseController): @expose('mozzarella.templates.presentations') def index(self): """List all presentations""" presentations = list(DBSession.query(Presentation)) presentations.sort(key=lambda p: p.date, reverse=True) return dict(page='presentations', presentations=presentations) @expose('mozzarella.templates.presentation_upload') @require(not_anonymous(msg='Only logged in users can sumbit presentations') ) def upload_form(self, **kw): tmpl_context.form = new_presentation_form return dict(page='presentation_upload', value=kw) @validate(new_presentation_form, error_handler=upload_form) @expose() @require(not_anonymous(msg='Only logged in users can sumbit presentations') ) def upload(self, **kw): del kw['sprox_id'] # required by sprox kw['authors'] = [DBSession.query(User).get(id) for id in kw['authors']] pres = Presentation() kw['files'] = [] for f in ('file', 'file_2', 'file_3'): if kw[f] is not None: kw['files'].append( PresentationFile( presentation_id=pres.id, file=kw[f], description=kw['{}_description'.format(f)])) DBSession.add(kw['files'][-1]) del kw[f] del kw['{}_description'.format(f)] for k, v in kw.items(): setattr(pres, k, v) DBSession.add(pres) DBSession.flush() flash('Your presentation was successfully uploaded') redirect('/presentations')
def main_user(self): """Handle the 'main_user' page.""" u=request.identity['user'] userr_id=u.user_id users=DBSession.query(User).all() workers=DBSession.query(Worker).all() news_show=DBSession.query(News_show).all() freeday=DBSession.query(FreeDay).all() p = not_anonymous(msg='Only logged in users can read this post') return dict(page='main_user',bar='Alex',users=users, us=userr_id, workers=workers,news=news_show, freeday=freeday)
class WorkspaceController(APIBaseController): @expose('json') @api_require(predicates.not_anonymous()) def index(self): # NOTE BS 20161025: I can't use tmpl_context.current_user, # I d'ont know why workspace_api = WorkspaceApi(tmpl_context.identity.get('user')) workspaces = workspace_api.get_all() serialized_workspaces = Context(CTX.API_WORKSPACE).toDict(workspaces) return {'value_list': serialized_workspaces}
class SymptomController(BaseController): allow_only = predicates.not_anonymous() @expose('blockmrs.templates.symptoms') def index(self): return dict() @expose('blockmrs.templates.diagnosis') def diagnosis(self): print('ohea') return dict()
class ProductController(TGController): @expose('stroller2.templates.product.product') def _default(self, slug=None, product=None, *args, **kw): product = app_globals.shop.product.get(slug=slug, _id=product) if product is None: abort(404, 'Product not found') return dict(product=product, buy_form=get_buy_product_form(), action=plug_url('stroller2', '/product/add_to_cart'), active=self._product_is_active(product)) @require(not_anonymous()) @expose() @validate(get_buy_product_form(), error_handler=_default) def add_to_cart(self, product=None, quantity=1, **kw): return product = app_globals.shop.product.get(_id=product) if product is None: abort(404, 'Product not found') try: cart = app_globals.shop.cart.create_or_get( request.identity['user'].user_id) except CartLockedException: flash(_('The cart is unavailable, try again later'), 'error') return redirect('/product/%s' % product.slug) if not app_globals.shop.product.buy(cart, product, 0, quantity): flash(_('The product is sold out'), 'error') else: flash(_('Product %s added to cart') % product.i18n_name) return redirect('/product/%s' % product.slug) @classmethod def _product_is_active(cls, product): if product is None: return False if not product.active: return False return product.configurations[0].qty > 0 @expose('tavolaclandestina.templates.product.product') def share(self, slug=None, product=None, *args, **kw): product = app_globals.shop.product.get(slug=slug, _id=product) if product is None: abort(404, 'Product not found') return dict(product=product, buy_form=get_buy_product_form(), action=plug_url('stroller2', '/product/add_to_cart'), active=self._product_is_active(product))
class HistoryController(BaseController): """History actions controller""" # The predicate that must be met for all the actions in this controller: allow_only = not_anonymous(msg=l_('Only for authorized users')) @expose('workbox.templates.history') def index(self): """Handle the history page.""" return dict(page='history') @expose() def get(self): """Returns history data.""" entries = None data = [] if has_permission('manage'): entries = model.History.get_all_records() for entry in entries: box = [] box.append(entry.history_id) box.append(entry.user.display_name) if entry.box: box.append(entry.box.box_id) else: box.append(' - ') box.append(entry.datetime.strftime("%Y-%m-%d %H:%M")) box.append(entry.info) data.append(box) else: entries = model.History.get_all_user_records( request.identity['user']._id) for entry in entries: box = [] box.append(entry.history_id) if entry.box: box.append(entry.box.box_id) else: box.append(' - ') box.append(entry.datetime.strftime("%Y-%m-%d %H:%M")) box.append(entry.info) data.append(box) json_entries = {} json_entries['data'] = data return json.dumps(json_entries)
class ControlPanel(TGController): """Mock TG2 protected controller using @allow_only directly.""" hr = HRManagementController() allow_only = not_anonymous() @expose() def index(self): return 'you are in the panel' @expose() @require(is_user('admin')) def add_user(self, user_name): return "%s was just registered" % user_name
class SecureController(BaseController): """Sample controller-wide authorization""" # The predicate that must be met for all the actions in this controller: #allow_only = has_permission( # 'manage', # msg=l_('Only for people with the "manage" permission') #) allow_only = predicates.not_anonymous() @expose('pythondispatchms.templates.index') def index(self): """Let the user know that's visiting a protected controller.""" #flash(_("Secure Controller here")) return dict(page='index')
class RootController(TGController): allow_only = not_anonymous() @expose('json') def ajax_update_last_seen_of_a_recipient(self): result = { 'last_activity_seen': request.identity['user'].last_activity_seen } request.identity['user'].last_activity_seen = datetime.utcnow() return result @expose() def see(self, target_link): request.identity['user'].last_activity_seen = datetime.utcnow() return redirect(target_link)
class MemoryController(BaseController): allow_only = predicates.not_anonymous() provider_type_selector_type = ProviderTypeSelector @expose('full_stack_app.templates.memory') def index(self): memories = DBSession.query(Memory).all() return dict(page='memory', memories=memories) @expose('full_stack_app.templates.adding') def adding(self): memory_form = MemoryForm() return dict(page='adding', memory_form=memory_form) @expose() def new(self, name, content): user = request.identity['user'] DBSession.add(Memory(name=name, content=content, user=user)) redirect('/memory') @expose('json') def post_delete(self, uid, **kw): memory = DBSession.query(Memory).filter_by(uid=uid).one() if not memory: return dict(errors={'memory':'Memory not found'}) DBSession.delete(memory) redirect('/memory') @expose('full_stack_app.templates.edit') def edit(self, uid): memory = DBSession.query(Memory).filter_by(uid=uid).one() return dict(page='edit', memory=memory, edit_form=EditForm, value=dict(uid=memory.uid, name=memory.name, content=memory.content)) @expose() def save(self, uid, name, content):#, data): memory = DBSession.query(Memory).filter_by(uid=uid).one() memory.name = name memory.content = content #memory.data = datetime.utcnow redirect('/memory')
def _lookup(self, project_name, *remainder): """ Project instance lookup. """ from tg.predicates import not_anonymous try: came_from = request.headers['Referer'] except Exception: came_from = request.path_url if not not_anonymous(): flash(l_('Permission is not sufficient for this user.'), 'error') redirect('/login?came_from=%s' % came_from) if DBSession.query(Projects).filter( Projects.name == project_name).first(): class UsersController(BaseController): """Subcontrollers for lookup. MAIN SITE FOR PROJECT INSTANCE. Parmission allowed only for logged user with added permision named as a project. """ # The predicate that must be met for all the actions in this controller: allow_only = has_permission( project_name, msg=l_('Permission is not sufficient for this user.')) molecules = MoleculesController() select = SelectController() synthesis = SynthesisController() library = LibraryController() results = ResultsController() @expose('molgears.templates.users.index') def index(self): """Main site for project.""" userid = request.identity['repoze.who.userid'] projects = DBSession.query(Projects).all() user = DBSession.query(User).filter_by( user_name=userid).first() perms = [p.permission_name for p in list(user.permissions)] return dict(page='index', userid=userid, projects=projects, perms=perms, pname=project_name) users = UsersController() else: users = ErrorController() return users, remainder
class CalendarController(BaseController): """ Calendar web tracim page. """ @tg.expose('tracim.templates.calendar.iframe_container') @tg.require(not_anonymous()) def index(self): user = tmpl_context.identity.get('user') dictified_current_user = Context(CTX.CURRENT_USER).toDict(user) fake_api = DictLikeClass( current_user=dictified_current_user, ) return DictLikeClass(fake_api=fake_api)
def start(self): """ Home page for authorized users. """ from tg.predicates import not_anonymous if not not_anonymous(): flash(l_(u'Permission is not sufficient for this user'), 'error') redirect('/') userid = request.identity['repoze.who.userid'] projects = DBSession.query(Projects).order_by('id').all() user = DBSession.query(User).filter_by(user_name=userid).first() perms = list(user.permissions) perms_names = [p.permission_name for p in perms] user_projects = [project for project in projects if project.name in perms_names] # flash(l_(u'Alpha version. Please send error reporting to: [email protected]. \t\t :)'), 'warning') return dict(page='start', projects=user_projects, pname=None)
class CalendarsController(APIBaseController): @expose('json') @api_require(predicates.not_anonymous()) def index(self): # NOTE BS 20161025: I can't use tmpl_context.current_user, # I d'ont know why user = tmpl_context.identity.get('user') calendar_workspaces = CalendarManager\ .get_workspace_readable_calendars_for_user(user) calendars = Context(CTX.API_CALENDAR_WORKSPACE)\ .toDict(calendar_workspaces) # Manually add information about user calendar calendars.append(Context(CTX.API_CALENDAR_USER).toDict(user)) return {'value_list': calendars}
class RootController(BaseController): admin = AdminController(algobowl.model, DBSession, config_type=AdminConfig) error = ErrorController() group = GroupsController() competition = CompetitionsController() def _before(self, *args, **kw): tmpl_context.project_name = "algobowl" @expose('algobowl.templates.index') def index(self): """Handle the front-page.""" return dict(page='index') @expose() def algobowl(self): """Redirect for old route to homepage""" redirect(url('/')) @expose() def login(self): if not tg.request.identity: who_api = get_api(tg.request.environ) return who_api.challenge() redirect(url('/')) @expose() @require(predicates.not_anonymous()) def logout(self): who_api = get_api(tg.request.environ) headers = who_api.logout() return HTTPFound(headers=headers) @expose() def post_login(self, came_from=lurl('/')): if tg.request.identity: user = tg.request.identity['user'] flash("Welcome, {}!".format(user), 'success') u = tg.request.relative_url(str(came_from), to_application=True) if not u.startswith(tg.request.application_url): flash("Dangerous redirect prevented", "warning") redirect('/') redirect(u) else: flash("Login failure", 'error') redirect('/')
class ProfileController(BaseController): # Uncomment this line if your controller requires an authenticated user allow_only = predicates.not_anonymous() def _before(self, *args, **kw): tmpl_context.page_name = "Fortressd" @expose('fortress.templates.profiles.index') def index(self): """Handle the front-page.""" return dict(page='index') @expose('fortress.templates.profiles.edit_info') def edit_info(self): """Handle the front-page.""" return dict(page='index') @expose('fortress.templates.profiles.change_passwd') def change_passwd(self): """Handle the front-page.""" return dict(page='index')
class RelationController(BaseController): allow_only = predicates.not_anonymous() def _before(self, *args, **kw): tmpl_context.project_name = "SpacePlayer" @expose('webplayer.templates.relation') def index(self, **kw): relations = DBSession.query(Relation).all() sounds = DBSession.query(Sound).all() #relations_table = [] #relations_table = [[0 for i in range(0, len(sounds))] for j in range(0, len(sounds))] try: relations_table = [] relations_table = [[0 for i in range(0, len(sounds))] for j in range(0, len(sounds))] for i in relations: relations_table[i.left_sound_id - 1][i.right_sound_id - 1] = i.weight except: pass return dict(page='relation', relations=relations, relations_table=relations_table) @expose('json') def gener_new_relation(self): sounds = DBSession.query(Sound).all() Relation.generation_new_relation(len(sounds)) redirect('/relation') @expose('json') def gener_null_relation(self): sounds = DBSession.query(Sound).all() Relation.generation_null_relation(len(sounds)) redirect('/relation')
def _lookup(self, project_name, *remainder): """ Project instance lookup. """ from tg.predicates import not_anonymous try: came_from = request.headers['Referer'] except Exception: came_from = request.path_url if not not_anonymous(): flash(l_('Permission is not sufficient for this user.'), 'error') redirect('/login?came_from=%s' % came_from) if DBSession.query(Projects).filter(Projects.name==project_name).first(): class UsersController(BaseController): """Subcontrollers for lookup. MAIN SITE FOR PROJECT INSTANCE. Parmission allowed only for logged user with added permision named as a project. """ # The predicate that must be met for all the actions in this controller: allow_only = has_permission(project_name, msg=l_('Permission is not sufficient for this user.')) molecules = MoleculesController() select = SelectController() synthesis = SynthesisController() library = LibraryController() results = ResultsController() @expose('molgears.templates.users.index') def index(self): """Main site for project.""" userid = request.identity['repoze.who.userid'] projects = DBSession.query(Projects).all() user = DBSession.query(User).filter_by(user_name=userid).first() perms = [p.permission_name for p in list(user.permissions)] return dict(page='index', userid=userid, projects=projects, perms=perms, pname=project_name) users = UsersController() else: users = ErrorController() return users, remainder
class ProfileController(BaseController): def __init__(self, *args, **kwargs): pass @require(predicates.not_anonymous()) @expose('rocket.templates.generic') def index(self, *args, **kwargs): html = self.get_active_profile_html(*args, **kwargs) javascript = self.get_javascript_profile_onload() title = _("My Profile") return dict(title=title, html=html, javascript=javascript) @expose() def get_active_profile_html(self, *args, **kwargs): html = f""" <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header"> <div class="row d-flex"> <div class="col-md-6"> <h4 class="card-title">{_('My Profile')}</h4> </div> </div> <hr> </div> <div class="card-body"> </div> </div> </div> """ return html @expose() def get_javascript_profile_onload(self, *args, **kwargs): javascript = """ """ return javascript
def _check_security(self): predicate = getattr(self, 'allow_only', None) if predicate is None: return True try: predicate.check_authorization(request.environ) except NotAuthorizedError, e: reason = unicode(e) if hasattr(self, '_failed_authorization'): # Should shortcircuit the rest, but if not we will still # deny authorization self._failed_authorization(reason) if not_anonymous().is_met(request.environ): # The user is authenticated but not allowed. code = 403 status = 'error' else: # The user has not been not authenticated. code = 401 status = 'warning' pylons.response.status = code flash(reason, status=status) abort(code, comment=reason)
class WikiPageController(BaseController): def __init__(self, page, new=False): self.page = page self.new = new @expose('acmwebsite.templates.wikiview') def index(self): """View the page""" return dict(page='wiki', wikipage=self.page, new=self.new) @expose('acmwebsite.templates.wikiedit') @require(predicates.not_anonymous()) def edit(self, title=None, content=None, comment=None): user = request.identity.get('user') if (self.page. edit_permission # pages without permissions set may be edited by anyone and self.page.edit_permission not in user.permissions): abort(403, "You do not have permission to edit this page.") if title or content or comment: self.page = WikiPage(slug=self.page.slug, title=title, content=content, comment=comment, author=user) DBSession.add(self.page) flash( "Your changes have been saved. Thank you for your attention to detail." ) redirect(request.url.replace('/edit', '')) return dict(page='wiki', wikipage=self.page, new=self.new) @expose('acmwebsite.templates.wikihistory') def history(self): revisions = (DBSession.query(WikiPage).filter( WikiPage.slug == self.page.slug).order_by( WikiPage.revision.desc()).all()) return dict(page='wiki', revisions=revisions)
class PlayerController(BaseController): allow_only = predicates.not_anonymous() def _before(self, *args, **kw): tmpl_context.project_name = "SpacePlayer" @expose('webplayer.templates.player') def index(self, id=2, previous_id=1): try: sound = DBSession.query(Sound).get(id) sound_url = '/music/' + str(sound.sound_id) + '.mp3' except: redirect('/sound') return dict(page='player', sound=sound, sound_url=sound_url, previous_id=previous_id) @expose() def next_button(self, current_time_next, current_id, previous_id): next_sound = current_id try: if int(current_time_next) < 38: Relation.reduce_own_value(current_id) Relation.reduce_relation(previous_id, current_id) next_sound = Relation.get_next_sound(previous_id) elif int(current_time_next) >= 38 and int(current_time_next) < 61: next_sound = Relation.get_next_sound(current_id) previous_id = current_id elif int(current_time_next) >= 61: Relation.increase_own_value(current_id) Relation.increase_relation(previous_id, current_id) next_sound = Relation.get_next_sound(current_id) previous_id = current_id except: pass redirect('/player', dict(id=next_sound, previous_id=previous_id)) @expose() def previous_button(self, current_time_pre, current_id, previous_id): next_sound = current_id try: if int(current_time_pre) < 38: Relation.reduce_own_value(current_id) Relation.reduce_relation(current_id, previous_id) next_sound = Relation.get_previous_sound(previous_id) elif int(current_time_pre) >= 38 and int(current_time_pre) < 61: next_sound = Relation.get_previous_sound(current_id) previous_id = current_id elif int(current_time_pre) >= 61: Relation.increase_own_value(current_id) Relation.increase_relation(current_id, previous_id) next_sound = Relation.get_previous_sound(current_id) previous_id = current_id except: pass redirect('/player', dict(id=next_sound, previous_id=previous_id)) @expose() def stop_button(self, current_time_stop, current_id, previous_id): try: if int(current_time_stop) > 61: Relation.increase_own_value(current_id) except: pass redirect('/player', dict(id=current_id, previous_id=previous_id))
count = kwargs['count'] for license in licenses: flash(license) redirect('/admin_panel') #Manage controllers #_________________________________________ #Create license @expose() @require(predicates.not_anonymous(msg='Must be logged in.')) def create_license(self, **data): user_name = request.identity['repoze.who.userid'] user_id = DBSession.query(model.User.user_id).filter(model.User.user_name==user_name).first().user_id #Make sure that the computer_id belongs to user who is loggned in and that it has assignments if DBSession.query(model.Computer).filter(model.Computer.id==data['id'], model.Computer.user_id==user_id).count() < 1 or DBSession.query(model.Assignment).filter(model.Assignment.computer_id==data['id'], model.Assignment.user_id==user_id).count() < 1: flash(('This incident has been reported'), 'error') redirect('/manage') assignments = DBSession.query(model.Assignment.id).join(model.Computer).filter(model.Computer.id==data['id']).all() grouped_assignments = DBSession.query(func.sum(model.Assignment.count).label('count_sum'), model.Assignment, model.Computer, model.License).join(model.Computer).join(model.License).filter(model.Computer.id==data['id']).group_by(model.License.id).all() plain_license = LicenseFormat()
def test_authenticated_user(self): environ = make_environ('gustavo') p = predicates.not_anonymous() self.eval_met_predicate(p, environ)
def test_anonymous_user(self): environ = {} p = predicates.not_anonymous() self.eval_unmet_predicate(p, environ, 'The current user must have been authenticated')