def project_list():
if request.method == 'POST':
form = AdminProjectForm(request.form)
proj = Project()
form.populate_obj(proj)
if not g.user.is_superuser():
proj.pi = g.user
proj.is_active = False
if form.validate():
try:
db.session.add(proj)
db.session.commit()
if g.user.is_superuser():
flash("Sucess: Project Created")
else:
flash("Sucess: Project Requested")
return redirect(url_for('.project_list'))
except:
flash("Failed to update database")
db.session.rollback()
return render_template('project_edit.html', form=form, proj=proj)
return render_template('project_edit.html', form=form, proj=proj)
if g.user.is_superuser():
form = AdminProjectForm()
else:
form = ProjectForm()
projects = Project.query.order_by(Project.name) if g.user.is_superuser() else Project.query.filter(Project.pi==g.user).order_by(Project.name)
active = projects.filter(Project.is_active==True)
inactive = projects.filter(Project.is_active==False)
return render_template('project_list.html', projects=projects,
form=form, active=active, inactive=inactive)
def wrapper(*args, **kwargs):
subj_str = None
project = None
if g.user.is_superuser():
return f(*args, **kwargs)
if 'filename' in kwargs:
subj_str, exten = parse_filename(kwargs['filename'])
if 'subject' in kwargs:
subj_str = kwargs['subject']
if 'session_id' in kwargs:
session = Session.query.get(
kwargs['session_id'])
if not session: abort(404)
project = session.project
if 'invoice_id' in kwargs:
invoice = Invoice.query.get(
kwargs['invoice_id'])
if not invoice: abort(404)
project = invoice.project
if 'pi_uname' in kwargs:
if g.user.username == kwargs['pi_uname']:
return f(*args, **kwargs)
if 'series_id' in kwargs:
subj_str = Series.query.get(
kwargs['series_id']).subject.name
if subj_str:
project = Subject.query.filter(
Subject.name==subj_str).first().project
if 'project_id' in kwargs:
project = Project.get(kwargs['project_id'])
if project:
if project.auth(g.user):
return f(*args, **kwargs)
abort(403)
