예제 #1
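 def decorated_function(*args, **kwargs):
     """Run the wrapped view only for department members or admins.

     The department is taken from the ``department_id`` keyword argument.
     Any other user gets a flash message and is redirected to the ``next``
     query parameter when it is a path on this site, otherwise to ``/``.
     """
     if current_user.has_department(
             kwargs["department_id"]) or current_user.is_admin():
         return view_function(*args, **kwargs)
     flash('You do not have sufficient permissions to do that',
           'alert alert-danger')
     # ``next`` comes straight from the query string. Follow it only when it
     # is a local path: an absolute URL, or a value starting with "//" or
     # "/\", would make this an open redirect to another host.
     target = request.args.get('next') or '/'
     if not target.startswith('/') or target[1:2] in ('/', '\\'):
         target = '/'
     return redirect(target)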
예제 #2
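        def decorated_function(*args, **kwargs):
            """Gate the wrapped view on department and dataset visibility.

            The department is looked up by the ``short_name`` keyword argument
            (upper-cased) when it is present, otherwise by ``department_id``.
            The view runs when the department and the requested dataset are
            both public, or when the current user belongs to the department
            or is an admin. Otherwise the request is aborted with 403; an
            unknown department is aborted with 404.
            """
            if "short_name" in kwargs:
                department = Department.query.filter_by(
                    short_name=kwargs["short_name"].upper()).first()
            else:
                department = Department.query.filter_by(
                    id=kwargs["department_id"]).first()

            # .first() returns None for an unknown department; stop here
            # rather than failing on the attribute lookups below.
            if department is None:
                abort(404)

            # check whether the current dataset is public
            dataset_is_public = True
            if dataset:
                # A missing attribute raises AttributeError, not ValueError.
                # A dataset with no is_public_<dataset> flag is treated as
                # private, so a mistyped dataset name cannot expose data to
                # anonymous visitors.
                dataset_is_public = getattr(
                    department, "is_public_{}".format(dataset), False)

            # check whether the user has access to this department
            user_has_dept_access = current_user.is_authenticated() and (
                current_user.has_department(department.id)
                or current_user.is_admin())

            # abort with a 403 Forbidden if the department or dataset's not
            # public and the user's not authorized to access it (an
            # unauthenticated user never has department access)
            if (not department.is_public or not dataset_is_public) \
                    and not user_has_dept_access:
                abort(403)

            return view_function(*args, **kwargs)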
예제 #3
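def edit_chart_block(department_id, chart_slug):
    """Update a chart block from the submitted form, then redirect.

    Aborts with 404 when no block matches ``department_id``/``chart_slug`` and
    with 401 when the current user is neither in the department nor an admin.
    ``chart_title`` and ``chart_content`` replace the stored values only when
    they are non-empty; ``chart_order`` is applied only when it parses as an
    integer. When ``blocks_prefix`` is submitted, the blocks whose slug starts
    with that prefix are renumbered around the edited block.
    """
    block = ChartBlock.query.filter_by(department_id=department_id, slug=chart_slug).first()

    if not block:
        abort(404)

    # NOTE(review): an authenticated user without access also gets 401 here;
    # 403 would be the conventional status. Left unchanged for existing callers.
    if not current_user.has_department(department_id) and not current_user.is_admin():
        abort(401)

    # set values if they were passed
    block.title = request.form.get("chart_title") or block.title
    block.content = request.form.get("chart_content") or block.content

    raw_order = request.form.get("chart_order")
    if raw_order:
        try:
            # Store the parsed integer rather than the raw form string, so
            # the clamp below always compares numbers.
            block.order = int(raw_order)
        except ValueError:
            # Not a number: keep the current order.
            pass

    block.save()

    if "blocks_prefix" in request.form:
        # Importing this at the top of file caused a circular dependency
        # issue so we do a delayed import here
        from comport.department.models import Department
        department = Department.query.filter_by(id=department_id).first()
        blocks = department.get_blocks_by_slug_startswith(request.form["blocks_prefix"])

        # blocks_prefix is client-supplied. If it does not select the edited
        # block there is nothing to reorder around, and list.index() below
        # would raise (as would indexing an empty list).
        if block in blocks:
            block.order = max(min(block.order, len(blocks) - 1), 0)
            block.save()

            # Init new array to length of blocks
            new_blocks = [None] * len(blocks)

            # Put block of interest where it's supposed to be
            new_blocks[block.order] = block
            blocks.remove(block)

            # Fill every other slot with the remaining blocks, in order
            for index, value in enumerate(new_blocks):
                if value is not None:
                    continue

                move_block = blocks.pop(0)
                move_block.order = index
                move_block.save()
                new_blocks[index] = move_block

    new_path = None
    if request.referrer and 'edit' in request.referrer:
        new_path = urlparse(request.referrer.replace('/edit/', '/preview/')).path

    # Only the path of the Referer header is kept, but a path starting with
    # "//" or "/\" is still read by browsers as another host, and an empty
    # path is not a usable target. Fall back to the dashboard in those cases.
    if not new_path or not new_path.startswith('/') or new_path[1:2] in ('/', '\\'):
        new_path = url_for(
            'department.department_dashboard', department_id=department_id
        )

    return redirect(new_path)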
예제 #4
def edit_chart_block(department_id, chart_slug):
    """Overwrite a chart block's title and content from the posted form.

    Aborts with 404 when no block matches the department and slug, and with
    401 when the current user is neither in the department nor an admin.
    On success, redirects to the department dashboard.
    """
    chart = ChartBlock.query.filter_by(
        department_id=department_id,
        slug=chart_slug,
    ).first()
    if not chart:
        abort(404)

    # Department members and admins may edit; everyone else is refused.
    allowed = current_user.has_department(department_id) or current_user.is_admin()
    if not allowed:
        abort(401)

    # Indexing (rather than .get) means both fields must be present in the form.
    form = request.form
    chart.title = form["chart_title"]
    chart.content = form["chart_content"]
    chart.save()

    dashboard_url = url_for(
        'department.department_dashboard', department_id=department_id)
    return redirect(dashboard_url)
예제 #5
def edit_chart_block(department_id, chart_slug):
    """Replace the title and content of one chart block.

    The block is selected by ``department_id`` and ``chart_slug``; a missing
    block aborts with 404. Callers who are neither members of the department
    nor admins are aborted with 401. Afterwards the user is redirected to
    the department dashboard.
    """
    lookup = ChartBlock.query.filter_by(
        department_id=department_id, slug=chart_slug)
    target_block = lookup.first()

    if not target_block:
        abort(404)

    # Authorization: department membership is checked first, admin second.
    is_member = current_user.has_department(department_id)
    if not is_member and not current_user.is_admin():
        abort(401)

    # Both form keys are read by index, so both must have been submitted.
    target_block.title = request.form["chart_title"]
    target_block.content = request.form["chart_content"]
    target_block.save()

    destination = url_for(
        'department.department_dashboard', department_id=department_id)
    return redirect(destination)
예제 #6
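 def decorated_function(*args, **kwargs):
     """Run the wrapped view only for department members or admins.

     The department is taken from the ``department_id`` keyword argument.
     Any other user gets a flash message and is redirected to the ``next``
     query parameter when it is a path on this site, otherwise to ``/``.
     """
     if current_user.has_department(kwargs["department_id"]) or current_user.is_admin():
         return view_function(*args, **kwargs)
     flash('You do not have sufficent permissions to do that', 'alert alert-danger')
     # ``next`` is read from the query string, so it is caller-controlled.
     # Redirect to it only when it is a local path; an absolute URL, or a
     # value starting with "//" or "/\", would send the user to another host.
     target = request.args.get('next') or '/'
     if not target.startswith('/') or target[1:2] in ('/', '\\'):
         target = '/'
     return redirect(target)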
예제 #7
파일: views.py 프로젝트: vcgato29/comport
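def edit_chart_block(department_id, chart_slug):
    """Update a chart block from the submitted form, then redirect.

    Aborts with 404 when no block matches ``department_id``/``chart_slug`` and
    with 401 when the current user is neither in the department nor an admin.
    ``chart_title`` and ``chart_content`` replace the stored values only when
    they are non-empty; ``chart_order`` is applied only when it parses as an
    integer. When ``blocks_prefix`` is submitted, the blocks whose slug starts
    with that prefix are renumbered around the edited block.
    """
    block = ChartBlock.query.filter_by(department_id=department_id,
                                       slug=chart_slug).first()

    if not block:
        abort(404)

    # NOTE(review): an authenticated user without access also gets 401 here;
    # 403 would be the conventional status. Left unchanged for existing
    # callers.
    if not current_user.has_department(
            department_id) and not current_user.is_admin():
        abort(401)

    # set values if they were passed
    block.title = request.form.get("chart_title") or block.title
    block.content = request.form.get("chart_content") or block.content

    raw_order = request.form.get("chart_order")
    if raw_order:
        try:
            # Store the parsed integer rather than the raw form string, so
            # the clamp below always compares numbers.
            block.order = int(raw_order)
        except ValueError:
            # Not a number: keep the current order.
            pass

    block.save()

    if "blocks_prefix" in request.form:
        # Importing this at the top of file caused a circular dependency
        # issue so we do a delayed import here
        from comport.department.models import Department
        department = Department.query.filter_by(id=department_id).first()
        blocks = department.get_blocks_by_slug_startswith(
            request.form["blocks_prefix"])

        # blocks_prefix is client-supplied. If it does not select the edited
        # block there is nothing to reorder around, and list.index() below
        # would raise (as would indexing an empty list).
        if block in blocks:
            block.order = max(min(block.order, len(blocks) - 1), 0)
            block.save()

            # Init new array to length of blocks
            new_blocks = [None] * len(blocks)

            # Put block of interest where it's supposed to be
            new_blocks[block.order] = block
            blocks.remove(block)

            # Fill every other slot with the remaining blocks, in order
            for index, value in enumerate(new_blocks):
                if value is not None:
                    continue

                move_block = blocks.pop(0)
                move_block.order = index
                move_block.save()
                new_blocks[index] = move_block

    new_path = None
    if request.referrer and 'edit' in request.referrer:
        new_path = urlparse(request.referrer.replace('/edit/',
                                                     '/preview/')).path

    # Only the path of the Referer header is kept, but a path starting with
    # "//" or "/\" is still read by browsers as another host, and an empty
    # path is not a usable target. Fall back to the dashboard in those cases.
    if (not new_path or not new_path.startswith('/')
            or new_path[1:2] in ('/', '\\')):
        new_path = url_for('department.department_dashboard',
                           department_id=department_id)

    return redirect(new_path)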