def show_talk(seminar_id, talkid): token = request.args.get("token", "") # save the token so user can toggle between view and edit talk = talks_lucky({"seminar_id": seminar_id, "seminar_ctr": talkid}, prequery={}) if talk is None: return abort(404, "Talk not found") if not talk.visible(): # There may be a non-API version of the seminar that can be shown talk = talks_lucky({"seminar_id": seminar_id, "seminar_ctr": talkid}) if talk is None or not talk.visible(): flash_error("You do not have permission to view %s/%s", seminar_id, talkid) return redirect(url_for("semseries_index")) kwds = dict( title="View talk", talk=talk, seminar=talk.seminar, subsection="viewtalk", token=token ) if token: kwds["section"] = "Manage" # Also want to override top menu from seminars.utils import top_menu menu = top_menu() menu[1] = (url_for("create.index"), "", "Manage") kwds["top_menu"] = menu elif ( current_user.is_subject_admin(talk) or current_user.email_confirmed and ( current_user.email in talk.seminar.editors() or current_user.email == talk.speaker_email ) ): kwds["section"] = "Manage" return render_template("talk.html", **kwds)
def show_talk(semid, talkid): token = request.args.get( "token", "") # save the token so user can toggle between view and edit talk = talks_lucky({"seminar_id": semid, "seminar_ctr": talkid}) if talk is None: return not_found_404("Talk not found") kwds = dict(title="View talk", talk=talk, seminar=talk.seminar, subsection="viewtalk", token=token) if token: kwds["section"] = "Manage" # Also want to override top menu from seminars.utils import top_menu menu = top_menu() menu[2] = (url_for("create.index"), "", "Manage") kwds["top_menu"] = menu elif (current_user.is_subject_admin(talk) or current_user.email_confirmed and (current_user.email in talk.seminar.editors() or current_user.email == talk.speaker_email)): kwds["section"] = "Manage" return render_template("talk.html", **kwds)
def revive_talk(semid, semctr): talk = talks_lookup(semid, semctr, include_deleted=True) if talk is None: flash_error("Talk %s/%s was deleted permanently", semid, semctr) return redirect(url_for(".edit_seminar_schedule", shortname=semid), 302) if not current_user.is_subject_admin( talk) and talk.seminar.owner != current_user: flash_error("You do not have permission to revive this talk") return redirect(url_for(".index"), 302) if not talk.deleted: flash_error("Talk %s/%s was not deleted, so cannot be revived", semid, semctr) return redirect( url_for(".edit_talk", seminar_id=semid, seminar_ctr=semctr), 302) else: db.talks.update({ "seminar_id": semid, "seminar_ctr": semctr }, {"deleted": False}) flash( "Talk revived. Note that any users who were subscribed no longer are." ) return redirect(url_for(".edit_seminar_schedule", shortname=semid), 302)
def show_seminar(shortname): seminar = seminars_lucky({"shortname": shortname}) if seminar is None: return not_found_404("Seminar not found") if not seminar.visible(): flash_error("You do not have permission to view %s", seminar.name) return redirect(url_for("search_seminars"), 302) talks = seminar.talks(projection=3) now = get_now() future = [] past = [] for talk in talks: if talk.end_time >= now: future.append(talk) else: past.append(talk) future.sort(key=lambda talk: talk.start_time) past.sort(key=lambda talk: talk.start_time, reverse=True) if current_user.email in seminar.editors( ) or current_user.is_subject_admin(seminar): section = "Manage" else: section = None return render_template( "seminar.html", title="View series", future=future, past=past, seminar=seminar, section=section, subsection="view", bread=None, )
def user_can_edit(self): # Check whether the current user can edit the seminar # See can_edit_seminar for another permission check # that takes a seminar's shortname as an argument # and returns various error messages if not editable return current_user.is_subject_admin(self) or ( current_user.email_confirmed and current_user.email.lower() in self.editors())
def visible(self): """ Whether this seminar should be shown to the current user """ return (self.owner == current_user.email or current_user.is_subject_admin(self) or # TODO: remove temporary measure of allowing visibility None self.display and (self.visibility is None or self.visibility > 0 or current_user.email in self.editors()))
def visible(self): """ Whether this talk should be shown to the current user The visibility of a talk is at most the visibility of the seminar, but it can also be hidden even if the seminar is public. """ return (self.seminar.owner == current_user.email or current_user.is_subject_admin(self) or self.display and ((self.seminar.visibility is None or self.seminar.visibility > 0) and not self.hidden or current_user.email in self.seminar.editors()))
def permdelete_seminar(shortname): seminar = seminars_lookup(shortname, include_deleted=True) if seminar is None: flash_error("Series %s already deleted permanently", shortname) return redirect(url_for(".index"), 302) if not current_user.is_subject_admin( seminar) and seminar.owner != current_user: flash_error("You do not have permission to delete seminar %s", shortname) return redirect(url_for(".index"), 302) if not seminar.deleted: flash_error("You must delete seminar %s first", shortname) return redirect(url_for(".edit_seminar", shortname=shortname), 302) else: db.seminars.delete({"shortname": shortname}) db.talks.delete({"seminar_id": shortname}) flash("Series %s permanently deleted" % shortname) return redirect(url_for(".index"), 302)
def permdelete_talk(semid, semctr): talk = talks_lookup(semid, semctr, include_deleted=True) if talk is None: flash_error("Talk %s/%s already deleted permanently", semid, semctr) return redirect(url_for(".edit_seminar_schedule", shortname=semid), 302) if not current_user.is_subject_admin( talk) and talk.seminar.owner != current_user: flash_error("You do not have permission to delete this seminar") return redirect(url_for(".index"), 302) if not talk.deleted: flash_error("You must delete talk %s/%s first", semid, semctr) return redirect( url_for(".edit_talk", seminar_id=semid, seminar_ctr=semctr), 302) else: db.talks.delete({"seminar_id": semid, "seminar_ctr": semctr}) flash("Talk %s/%s permanently deleted" % (semid, semctr)) return redirect(url_for(".edit_seminar_schedule", shortname=semid), 302)
def revive_seminar(shortname): seminar = seminars_lookup(shortname, include_deleted=True) if seminar is None: flash_error("Series %s was deleted permanently", shortname) return redirect(url_for(".index"), 302) if not current_user.is_subject_admin( seminar) and seminar.owner != current_user: flash_error("You do not have permission to revive seminar %s", shortname) return redirect(url_for(".index"), 302) if not seminar.deleted: flash_error("Series %s was not deleted, so cannot be revived", shortname) else: db.seminars.update({"shortname": shortname}, {"deleted": False}) db.talks.update({"seminar_id": shortname}, {"deleted": False}) flash( "Series %s revived. You should reset the organizers, and note that any users that were subscribed no longer are." % shortname) return redirect(url_for(".edit_seminar", shortname=shortname), 302)
def seminars_parser(info, query, org_query={}, org_keywords=False, conference=False): parse_topic(info, query) parse_institution_sem(info, query) #parse_venue(info, query) org_cols = ["name", "homepage"] if current_user.is_subject_admin(None): org_cols.append("email") parse_substring(info, org_query, "organizer", org_cols) if org_keywords: parse_substring(info, org_query, "keywords", org_cols) else: parse_substring(info, query, "keywords", ["name", "description", "homepage", "shortname", "comments"] ) parse_access(info, query) parse_language(info, query) if conference: parse_daterange(info, query, time=False) parse_substring(info, query, "name", ["name"]) query["display"] = True query["visibility"] = 2
def show_seminar(shortname): # We need organizers to be able to see seminars with display=False seminar = seminars_lucky({"shortname": shortname}, include_pending=True) if seminar is None: return abort(404, "Seminar not found") if not seminar.visible(): # There may be a non-API version of the seminar that can be shown name = seminar.name # for flash_error seminar = seminars_lucky({"shortname": shortname}) if seminar is None or not seminar.visible(): flash_error("You do not have permission to view %s", name) return redirect(url_for("seminar_series_index"), 302) talks = seminar.talks(projection=3) now = get_now() future = [] past = [] for talk in talks: if talk.end_time >= now: future.append(talk) else: past.append(talk) future.sort(key=lambda talk: talk.start_time) past.sort(key=lambda talk: talk.start_time, reverse=True) if current_user.email in seminar.editors( ) or current_user.is_subject_admin(seminar): section = "Manage" else: section = None return render_template( "seminar.html", title="View series", future=future, past=past, seminar=seminar, section=section, subsection="view", bread=None, )
def organizers_keyword_columns(): return ["name", "homepage", "email" ] if current_user.is_subject_admin(None) else ["name", "homepage"]