def void(self, id):
if not h.auth.authorized(
h.auth.Or(h.auth.is_same_zkpylons_attendee(id),
h.auth.has_organiser_role)):
# Raise a no_auth error
h.auth.no_role()
c.invoice = Invoice.find_by_id(id, True)
if c.invoice.is_void:
h.flash("Invoice was already voided.")
return redirect_to(action='view', id=c.invoice.id)
elif len(c.invoice.payment_received) and h.auth.authorized(
h.auth.has_organiser_role):
h.flash("Invoice has a payment applied to it, do you want to " +
h.link_to('Refund', h.url_for(action='refund')) +
" instead?")
return redirect_to(action='view', id=c.invoice.id)
elif len(c.invoice.payment_received):
h.flash("Cannot void a paid invoice.")
return redirect_to(action='view', id=c.invoice.id)
elif h.auth.authorized(h.auth.has_organiser_role):
c.invoice.void = "Administration Change"
meta.Session.commit()
h.flash("Invoice was voided.")
return redirect_to(action='view', id=c.invoice.id)
else:
c.invoice.void = "User cancellation"
c.person = c.invoice.person
meta.Session.commit()
email(lca_info['contact_email'],
render('/invoice/user_voided.mako'))
h.flash("Previous invoice was voided.")
return redirect_to(controller='registration',
action='pay',
id=c.person.registration.id)
def index(self):
"""The home page of the website.
If the user has not signed in, then they are presented with the
default page.
Otherwise, they're shown the customised page.
We rely on `c.signed_in_person` containing the Person object for
the currently signed in user, but we don't want to redirect to
the signin action if we're not signed in so we duplicate the
__before__ code from SecureController here.
"""
if 'signed_in_person_id' in session:
c.signed_in_person = self.dbsession.query(Person).filter_by(id=session['signed_in_person_id']).one()
c.db_content = DbContent.find_by_url('/home', abort_404=False)
c.tiered_sponsors = Sponsor.find_all_tiered()
c.venue_photos = Photo.find_all_by_gallery("Venue")
venue_text_url = '/venue'
c.venue_text = DbContent.find_by_url(
venue_text_url, abort_404=False).body
if not c.venue_text:
c.venue_text = 'To put content here create a page with a URL of '
'<u>{venue_text_url}</u> in the <a href="{page_database_url}">page '
'database</a>.'.format(
venue_text_url = venue_text_url,
page_database_url = h.url_for(
controller='db_content', action='new'))
return render('/home.mako')
def void(self, id):
if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_attendee(id), h.auth.has_organiser_role)):
# Raise a no_auth error
h.auth.no_role()
c.invoice = Invoice.find_by_id(id, True)
if c.invoice.is_void:
h.flash("Invoice was already voided.")
return redirect_to(action="view", id=c.invoice.id)
elif len(c.invoice.payment_received) and h.auth.authorized(h.auth.has_organiser_role):
h.flash(
"Invoice has a payment applied to it, do you want to "
+ h.link_to("Refund", h.url_for(action="refund"))
+ " instead?"
)
return redirect_to(action="view", id=c.invoice.id)
elif len(c.invoice.payment_received):
h.flash("Cannot void a paid invoice.")
return redirect_to(action="view", id=c.invoice.id)
elif h.auth.authorized(h.auth.has_organiser_role):
c.invoice.void = "Administration Change"
meta.Session.commit()
h.flash("Invoice was voided.")
return redirect_to(action="view", id=c.invoice.id)
else:
c.invoice.void = "User cancellation"
c.person = c.invoice.person
meta.Session.commit()
email(lca_info["contact_email"], render("/invoice/user_voided.mako"))
h.flash("Previous invoice was voided.")
return redirect_to(controller="registration", action="pay", id=c.person.registration.id)
def validate_python(self, values, state):
assertion = values['assertion']
audience = h.url_for(qualified=True, controller='home').strip("/")
page = urllib2.urlopen('https://verifier.login.persona.org/verify',
urllib.urlencode({ "assertion": assertion,
"audience": audience}))
data = json.load(page)
if data['status'] == 'okay':
c.email = data['email']
c.person = Person.find_by_email(c.email)
if c.person is None:
if not Config.get('account_creation'):
error_message = "Your sign-in details are incorrect; try the 'Forgotten your password' link below."
message = "Login failed"
error_dict = {'email_address': error_message}
raise Invalid(message, values, state, error_dict=error_dict)
# Create a new account for this email address
c.person = Person()
c.person.email_address = data['email']
c.person.activated = True
meta.Session.add(c.person)
meta.Session.commit()
if not c.person.activated:
# Persona returns verified emails only, so might as well confirm this one...
c.person.activated = True
meta.Session.commit()
def json(self):
schedules = Schedule.find_all()
output = []
for schedule in schedules:
if not schedule.time_slot.heading:
row = {}
speakers = schedule.event.computed_speakers()
speaker_emails = schedule.event.computed_speaker_emails()
row['Id'] = schedule.id
row['Event'] = schedule.event_id
row['Title'] = schedule.event.computed_title()
row['Room Name'] = schedule.location.display_name
row['Start'] = str(schedule.time_slot.start_time)
row['Duration'] = str(schedule.time_slot.end_time - schedule.time_slot.start_time)
if speakers:
row['Presenters'] = ','.join(speakers)
if speaker_emails:
row['Presenter_emails'] = ','.join(speaker_emails)
row['Description'] = schedule.event.computed_abstract()
if schedule.event.proposal:
row['URL'] = h.url_for(qualified=True, controller='schedule', action='view_talk', id=schedule.event.proposal_id)
output.append(row)
response.charset = 'utf8'
response.headers['content-type'] = 'application/json; charset=utf8'
response.headers.add('content-transfer-encoding', 'binary')
response.headers.add('Pragma', 'cache')
response.headers.add('Cache-Control', 'max-age=3600,public')
return json.write(output)
def edit(self, id):
c.review = Review.find_by_id(id)
redirect_to(
h.url_for(controller='proposal',
id=c.review.proposal.id,
action='review'))
def json(self):
schedules = Schedule.find_all()
output = []
for schedule in schedules:
if not schedule.time_slot.heading:
row = {}
speakers = schedule.event.computed_speakers()
speaker_emails = schedule.event.computed_speaker_emails()
video_release = schedule.event.video_release()
row['Id'] = schedule.id
row['Event'] = schedule.event_id
row['Title'] = schedule.event.computed_title()
row['Room Name'] = schedule.location.display_name
row['Start'] = str(schedule.time_slot.start_time)
row['Duration'] = str(schedule.time_slot.end_time - schedule.time_slot.start_time)
if speakers:
row['Presenters'] = ','.join(speakers)
if speaker_emails:
row['Presenter_emails'] = ','.join(speaker_emails)
row['Description'] = schedule.event.computed_abstract()
if schedule.event.proposal:
row['URL'] = h.url_for(qualified=True, controller='schedule', action='view_talk', id=schedule.event.proposal_id)
row['video_release'] = video_release
output.append(row)
response.headers.add('Pragma', 'cache')
response.headers.add('Cache-Control', 'max-age=3600,public')
return output
def ical(self):
c.schedule_collection = Schedule.find_all()
ical = vobject.iCalendar()
for schedule in c.schedule_collection:
if not schedule.time_slot.heading:
event = ical.add('vevent')
event.add('uid').value = str(schedule.id) + '@' + Config.get('event_host')
# Created
tz = timezone(Config.get('time_zone'))
event.add('created').value = schedule.creation_timestamp.replace(tzinfo=tz)
# Last Modified
event.add('dtstamp').value = schedule.last_modification_timestamp.replace(tzinfo=tz)
event.add('last-modified').value = schedule.last_modification_timestamp.replace(tzinfo=tz)
# Start and End Time
event.add('dtstart').value = schedule.time_slot.start_time.replace(tzinfo=tz)
event.add('dtend').value = schedule.time_slot.end_time.replace(tzinfo=tz)
# Title and Author (need to add Author here)
event.add('summary').value = schedule.event.computed_title() + '. ' + h.list_to_string(schedule.event.computed_speakers())
# Abstract, if we have one
event.add('description').value = schedule.event.computed_abstract()
# Add a URL
if schedule.event.proposal:
event.add('url').value = h.url_for(qualified=True, controller='schedule', action='view_talk', id=schedule.event.proposal.id)
elif not (schedule.event.url is None or schedule.event.url == ''):
if schedule.event.url.startswith('https://') or schedule.event.url.startswith('http://'):
event.add('url').value = h.url_for(str(schedule.event.url))
else:
event.add('url').value = h.url_for(str(schedule.event.url), qualified=True)
concurrent_schedules = schedule.event.schedule_by_time_slot(schedule.time_slot)
for concurrent_schedule in concurrent_schedules:
if concurrent_schedule != schedule:
if concurrent_schedule in c.schedule_collection:
c.schedule_collection.remove(concurrent_schedule)
locations = [concurrent_schedule.location.display_name for concurrent_schedule in concurrent_schedules]
event.add('location').value = h.list_to_string(locations)
response.charset = 'utf8'
response.headers['content-type'] = 'text/calendar; charset=utf8'
response.headers.add('content-transfer-encoding', 'binary')
response.headers.add('Pragma', 'cache')
response.headers.add('Cache-Control', 'max-age=3600,public')
return ical.serialize()
def ical(self):
c.schedule_collection = Schedule.find_all()
ical = vobject.iCalendar()
for schedule in c.schedule_collection:
if not schedule.time_slot.heading:
event = ical.add('vevent')
event.add('uid').value = str(schedule.id) + '@' + Config.get('event_host')
# Created
tz = timezone(Config.get('time_zone'))
event.add('created').value = schedule.creation_timestamp.replace(tzinfo=tz)
# Last Modified
event.add('dtstamp').value = schedule.last_modification_timestamp.replace(tzinfo=tz)
event.add('last-modified').value = schedule.last_modification_timestamp.replace(tzinfo=tz)
# Start and End Time
event.add('dtstart').value = schedule.time_slot.start_time.replace(tzinfo=tz)
event.add('dtend').value = schedule.time_slot.end_time.replace(tzinfo=tz)
# Title and Author (need to add Author here)
event.add('summary').value = schedule.event.computed_title() + '. ' + h.list_to_string(schedule.event.computed_speakers())
# Abstract, if we have one
event.add('description').value = schedule.event.computed_abstract()
# Add a URL
if schedule.event.proposal:
event.add('url').value = h.url_for(qualified=True, controller='schedule', action='view_talk', id=schedule.event.proposal.id)
elif not (schedule.event.url is None or schedule.event.url == ''):
if schedule.event.url.startswith('https://') or schedule.event.url.startswith('http://'):
event.add('url').value = h.url_for(str(schedule.event.url))
else:
event.add('url').value = h.url_for(str(schedule.event.url), qualified=True)
concurrent_schedules = schedule.event.schedule_by_time_slot(schedule.time_slot)
for concurrent_schedule in concurrent_schedules:
if concurrent_schedule != schedule:
if concurrent_schedule in c.schedule_collection:
c.schedule_collection.remove(concurrent_schedule)
locations = [concurrent_schedule.location.display_name for concurrent_schedule in concurrent_schedules]
event.add('location').value = h.list_to_string(locations)
response.charset = 'utf8'
response.headers['content-type'] = 'text/calendar; charset=utf8'
response.headers.add('content-transfer-encoding', 'binary')
response.headers.add('Pragma', 'cache')
response.headers.add('Cache-Control', 'max-age=3600,public')
return ical.serialize()
def edit(self, id=None):
#
# Helpfully redirect to the correct URL.
#
if id is None:
return redirect_to(h.url_for(id=h.signed_in_person().id))
#
# Only an organiser can edit someone elses photos.
#
if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_user(id), h.auth.has_organiser_role)):
h.auth.no_role()
person_id = int(id, 10)
c.open_date = lca_info.lca_info['date']
c.days_open = (datetime.date.today() - c.open_date.date()).days
photo_db = PhotoCompEntry.read_db()
c.photo = lambda day, entry: PhotoCompEntry.get(photo_db, person_id, day, entry)
c.is_organiser = h.auth.authorized(h.auth.has_organiser_role)
c.DAYS_OPEN = DAYS_OPEN
c.ENTRY_NAMES = ENTRY_NAMES
return render('/photocomp/edit.mako')
def edit(self, id=None):
#
# Helpfully redirect to the correct URL.
#
if id is None:
return redirect_to(h.url_for(id=h.signed_in_person().id))
#
# Only an organiser can edit someone elses photos.
#
if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_user(id), h.auth.has_organiser_role)):
h.auth.no_role()
person_id = int(id, 10)
c.open_date = lca_info.lca_info['date']
c.days_open = (datetime.date.today() - c.open_date.date()).days
photo_db = PhotoCompEntry.read_db()
c.photo = lambda day, entry: PhotoCompEntry.get(photo_db, person_id, day, entry)
c.is_organiser = h.auth.authorized(h.auth.has_organiser_role)
c.DAYS_OPEN = DAYS_OPEN
c.ENTRY_NAMES = ENTRY_NAMES
return render('/photocomp/edit.mako')
def _edit(self, id):
# We need to recheck auth in here so we can pass in the id
if not h.auth.authorized(
h.auth.Or(h.auth.is_same_zkpylons_submitter(id),
h.auth.has_organiser_role)):
# Raise a no_auth error
h.auth.no_role()
if not h.auth.authorized(h.auth.has_organiser_role):
if c.proposal_editing == 'closed' and not h.auth.authorized(
h.auth.has_late_submitter_role):
return render("proposal/editing_closed.mako")
elif c.proposal_editing == 'not_open':
return render("proposal/editing_not_open.mako")
c.proposal = Proposal.find_by_id(id)
for key in self.form_result['proposal']:
setattr(c.proposal, key, self.form_result['proposal'][key])
c.proposal.abstract = self.clean_abstract(c.proposal.abstract)
c.person = self.form_result['person_to_edit']
if (c.person.id == h.signed_in_person().id
or h.auth.authorized(h.auth.has_organiser_role)):
for key in self.form_result['person']:
setattr(c.person, key, self.form_result['person'][key])
p_edit = "and author"
else:
p_edit = "(but not author)"
meta.Session.commit()
if lca_info['proposal_update_email'] != '':
body = "Subject: %s Proposal Updated\n\nID: %d\nTitle: %s\nType: %s\nURL: %s" % (
h.lca_info['event_name'], c.proposal.id, c.proposal.title,
c.proposal.type.name.lower(),
"http://" + h.host_name() + h.url_for(action="view"))
email(lca_info['proposal_update_email'], body)
h.flash("Proposal %s edited!" % p_edit)
return redirect_to('/proposal')
def generate_hash(self, id):
if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_attendee(id), h.auth.has_organiser_role, h.auth.has_unique_key())):
# Raise a no_auth error
h.auth.no_role()
url = h.url_for(action='view', id=id)
c.hash = URLHash.find_by_url(url=url)
if c.hash is None:
c.hash = URLHash()
c.hash.url = url
meta.Session.add(c.hash)
meta.Session.commit()
# create an entry for the payment page (not needed)
# TODO: depending on how the gateway works, you may need to make sure you have permissions for the page you get redirected to
#c.hash = URLHash()
#c.hash.url = h.url_for(action='pay')
#meta.Session.add(c.hash)
#meta.Session.commit()
return render('/invoice/generate_url.mako')
def generate_hash(self, id):
if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_attendee(id), h.auth.has_organiser_role, h.auth.has_unique_key())):
# Raise a no_auth error
h.auth.no_role()
url = h.url_for(action='view', id=id)
c.hash = URLHash.find_by_url(url=url)
if c.hash is None:
c.hash = URLHash()
c.hash.url = url
meta.Session.add(c.hash)
meta.Session.commit()
# create an entry for the payment page (not needed)
# TODO: depending on how the gateway works, you may need to make sure you have permissions for the page you get redirected to
#c.hash = URLHash()
#c.hash.url = h.url_for(action='pay')
#meta.Session.add(c.hash)
#meta.Session.commit()
return render('/invoice/generate_url.mako')
def _edit(self, id):
# We need to recheck auth in here so we can pass in the id
if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_submitter(id), h.auth.has_organiser_role)):
# Raise a no_auth error
h.auth.no_role()
if not h.auth.authorized(h.auth.has_organiser_role):
if c.proposal_editing == "closed" and not h.auth.authorized(h.auth.has_late_submitter_role):
return render("proposal/editing_closed.mako")
elif c.proposal_editing == "not_open":
return render("proposal/editing_not_open.mako")
c.proposal = Proposal.find_by_id(id)
for key in self.form_result["proposal"]:
setattr(c.proposal, key, self.form_result["proposal"][key])
c.proposal.abstract = self.clean_abstract(c.proposal.abstract)
c.person = self.form_result["person_to_edit"]
if c.person.id == h.signed_in_person().id or h.auth.authorized(h.auth.has_organiser_role):
for key in self.form_result["person"]:
setattr(c.person, key, self.form_result["person"][key])
p_edit = "and author"
else:
p_edit = "(but not author)"
meta.Session.commit()
if lca_info["proposal_update_email"] != "":
body = "Subject: %s Proposal Updated\n\nID: %d\nTitle: %s\nType: %s\nURL: %s" % (
h.lca_info["event_name"],
c.proposal.id,
c.proposal.title,
c.proposal.type.name.lower(),
"http://" + h.host_name() + h.url_for(action="view"),
)
email(lca_info["proposal_update_email"], body)
h.flash("Proposal %s edited!" % p_edit)
return redirect_to("/proposal")
def edit(self, id):
c.review = Review.find_by_id(id)
redirect_to(h.url_for(controller='proposal', id=c.review.proposal.id, action='review'))
def page(self):
url = h.url_for().strip("/")
c.db_content = DbContent.find_by_url(url, abort_404=False)
if c.db_content is not None:
return self.view(c.db_content.id)
return NotFoundController().view()
def page(self):
url = h.url_for().strip("/")
c.db_content = DbContent.find_by_url(url, abort_404=False)
if c.db_content is not None:
return self.view(c.db_content.id)
return NotFoundController().view()
