def confirm(domain, hashid): post = JobPost.query.filter_by(hashid=hashid).first_or_404() form = forms.ConfirmForm() if post.status in POSTSTATUS.GONE: abort(410) elif post.status in POSTSTATUS.UNPUBLISHED and not post.admin_is(g.user): abort(403) elif post.status not in POSTSTATUS.UNPUBLISHED: # Any other status: no confirmation required (via this handler) return redirect(post.url_for(), code=302) # We get here if it's (a) POSTSTATUS.UNPUBLISHED and (b) the user is confirmed authorised if 'form.id' in request.form and form.validate_on_submit(): # User has accepted terms of service. Now send email and/or wait for payment msg = Message(subject="Confirmation of your job post at Hasjob", recipients=[post.email]) msg.html = email_transform(render_template('confirm_email.html', post=post), base_url=request.url_root) msg.body = html2text(msg.html) mail.send(msg) post.email_sent = True post.status = POSTSTATUS.PENDING db.session.commit() footer_campaign = Campaign.for_context(CAMPAIGN_POSITION.AFTERPOST, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids) return render_template('mailsent.html', footer_campaign=footer_campaign) return render_template('confirm.html', post=post, form=form)
def confirm(domain, hashid): post = JobPost.query.filter_by(hashid=hashid).first_or_404() form = forms.ConfirmForm() if post.state.GONE: abort(410) elif not post.state.CONFIRMABLE: abort(403) elif not post.state.UNPUBLISHED: # Any other status: no confirmation required (via this handler) return redirect(post.url_for(), code=302) # We get here if it's (a) POST_STATE.UNPUBLISHED and (b) the user is confirmed authorised if 'form.id' in request.form and form.validate_on_submit(): # User has accepted terms of service. Now send email and/or wait for payment msg = Message(subject="Confirm your job post: {headline}".format(headline=post.headline), recipients=[post.email]) msg.html = email_transform(render_template('confirm_email.html.jinja2', post=post), base_url=request.url_root) msg.body = html2text(msg.html) mail.send(msg) post.email_sent = True if post.state.DRAFT: post.mark_pending() db.session.commit() footer_campaign = Campaign.for_context(CAMPAIGN_POSITION.AFTERPOST, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids) return render_template('mailsent.html.jinja2', footer_campaign=footer_campaign) return render_template('confirm.html.jinja2', post=post, form=form)
def view_application(domain, hashid, application): post = JobPost.query.filter_by(hashid=hashid).first_or_404() # Transition code until we force all employers to login before posting if post.user and not (post.admin_is(g.user) or lastuser.has_permission('siteadmin')): if not g.user: return redirect(url_for('login', message=u"You need to be logged in to view candidate applications on Hasjob.")) else: abort(403) job_application = JobApplication.query.filter_by(hashid=application, jobpost=post).first_or_404() # If this domain doesn't match, redirect to correct URL if post.email_domain != domain: return redirect(job_application.url_for(), code=301) if job_application.response.NEW: # If the application is pending, mark it as opened. # However, don't do this if the user is a siteadmin, unless they also own the post. if job_application.mark_read.is_available: job_application.mark_read() db.session.commit() response_form = forms.ApplicationResponseForm() if not g.kiosk: if g.preview_campaign: header_campaign = g.preview_campaign else: header_campaign = Campaign.for_context(CAMPAIGN_POSITION.HEADER, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids + post.geonameids) else: header_campaign = None return render_template('application.html.jinja2', post=post, job_application=job_application, header_campaign=header_campaign, response_form=response_form, is_siteadmin=lastuser.has_permission('siteadmin'))
def view_application(domain, hashid, application): post = JobPost.query.filter_by(hashid=hashid).first_or_404() # Transition code until we force all employers to login before posting if post.user and not (post.admin_is(g.user) or lastuser.has_permission('siteadmin')): if not g.user: return redirect( url_for( 'login', message= u"You need to be logged in to view candidate applications on Hasjob." )) else: abort(403) job_application = JobApplication.query.filter_by( hashid=application, jobpost=post).first_or_404() # If this domain doesn't match, redirect to correct URL if post.email_domain != domain: return redirect(job_application.url_for(), code=301) if job_application.response == EMPLOYER_RESPONSE.NEW: # If the application is pending, mark it as opened. # However, don't do this if the user is a siteadmin, unless they also own the post. if post.admin_is(g.user) or not lastuser.has_permission('siteadmin'): job_application.response = EMPLOYER_RESPONSE.PENDING db.session.commit() response_form = forms.ApplicationResponseForm() statuses = set([app.status for app in post.applications]) if not g.kiosk: if g.preview_campaign: header_campaign = g.preview_campaign else: header_campaign = Campaign.for_context( CAMPAIGN_POSITION.HEADER, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids + post.geonameids) else: header_campaign = None return render_template('application.html', post=post, job_application=job_application, header_campaign=header_campaign, response_form=response_form, statuses=statuses, is_siteadmin=lastuser.has_permission('siteadmin'))
def jobdetail(domain, hashid): post = JobPost.query.filter_by(hashid=hashid).first_or_404() # If we're on a board (that's now 'www') and this post isn't on this board, # redirect to (a) the first board it is on, or (b) on the root domain (which may # be the 'www' board, which is why we don't bother to redirect if we're currently # in the 'www' board) if g.board and g.board.not_root and post.link_to_board(g.board) is None: blink = post.postboards.first() if blink: return redirect(post.url_for(subdomain=blink.board.name, _external=True)) else: return redirect(post.url_for(subdomain=None, _external=True)) # If this post is past pending state and the domain doesn't match, redirect there if post.status not in POSTSTATUS.UNPUBLISHED and post.email_domain != domain: return redirect(post.url_for(), code=301) if post.status in [POSTSTATUS.DRAFT, POSTSTATUS.PENDING]: if not ((g.user and post.admin_is(g.user))): abort(403) if post.status in POSTSTATUS.GONE: abort(410) if g.user: jobview = UserJobView.get(post, g.user) if jobview is None: jobview = UserJobView(user=g.user, jobpost=post) post.uncache_viewcounts('viewed') cache.delete_memoized(viewstats_by_id_qhour, post.id) cache.delete_memoized(viewstats_by_id_hour, post.id) cache.delete_memoized(viewstats_by_id_day, post.id) db.session.add(jobview) try: db.session.commit() except IntegrityError: db.session.rollback() post.viewcounts # Re-populate cache else: jobview = None if g.anon_user: anonview = AnonJobView.get(post, g.anon_user) if not anonview: anonview = AnonJobView(jobpost=post, anon_user=g.anon_user) db.session.add(anonview) try: db.session.commit() except IntegrityError: db.session.rollback() if g.user: report = JobPostReport.query.filter_by(post=post, user=g.user).first() else: report = None g.jobpost_viewed = (post, getbool(request.args.get('b'))) reportform = forms.ReportForm(obj=report) reportform.report_code.choices = [(ob.id, ob.title) for ob in ReportCode.query.filter_by(public=True).order_by('seq')] rejectform = forms.RejectForm() moderateform = forms.ModerateForm() if request.method == 'GET': moderateform.reason.data = post.review_comments if g.board: pinnedform = forms.PinnedForm(obj=post.link_to_board(g.board)) else: pinnedform = forms.PinnedForm(obj=post) applyform = None # User isn't allowed to apply unless non-None if g.user: job_application = JobApplication.query.filter_by(user=g.user, jobpost=post).first() if not job_application: applyform = forms.ApplicationForm() applyform.apply_phone.data = g.user.phone elif g.kiosk and g.peopleflow_url: applyform = forms.KioskApplicationForm() job_application = None else: job_application = None if reportform.validate_on_submit(): if g.user: if report is None: report = JobPostReport(post=post, user=g.user) report.reportcode_id = reportform.report_code.data report.ipaddr = request.environ['REMOTE_ADDR'] report.useragent = request.user_agent.string db.session.add(report) db.session.commit() if request.is_xhr: return "<p>Thanks! This post has been flagged for review</p>" # FIXME: Ugh! else: flash("Thanks! This post has been flagged for review", "interactive") else: if request.is_xhr: return "<p>You need to be logged in to report a post</p>" # FIXME: Ugh! else: flash("You need to be logged in to report a post", "interactive") elif request.method == 'POST' and request.is_xhr: return render_template('inc/reportform.html', reportform=reportform) if post.company_url and post.status != POSTSTATUS.ANNOUNCEMENT: domain_mismatch = not base_domain_matches(post.company_url.lower(), post.email_domain.lower()) else: domain_mismatch = False if not g.kiosk: if g.preview_campaign: header_campaign = g.preview_campaign else: header_campaign = Campaign.for_context(CAMPAIGN_POSITION.HEADER, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids + post.geonameids) else: header_campaign = None if g.user and not g.kiosk: g.starred_ids = set(g.user.starred_job_ids(agelimit)) else: g.starred_ids = set() jobpost_ab = session_jobpost_ab() related_posts = post.related_posts() cache_viewcounts(related_posts) is_bgroup = getbool(request.args.get('b')) headline = post.headlineb if is_bgroup and post.headlineb else post.headline g.impressions = {rp.id: (False, rp.id, bgroup(jobpost_ab, rp)) for rp in related_posts} return render_template('detail.html', post=post, headline=headline, reportform=reportform, rejectform=rejectform, pinnedform=pinnedform, applyform=applyform, job_application=job_application, jobview=jobview, report=report, moderateform=moderateform, domain_mismatch=domain_mismatch, header_campaign=header_campaign, related_posts=related_posts, is_bgroup=is_bgroup, is_siteadmin=lastuser.has_permission('siteadmin') )
def jobdetail(domain, hashid): post = JobPost.query.filter_by(hashid=hashid).first_or_404() # If we're on a board (that's now 'www') and this post isn't on this board, # redirect to (a) the first board it is on, or (b) on the root domain (which may # be the 'www' board, which is why we don't bother to redirect if we're currently # in the 'www' board) if g.board and g.board.not_root and post.link_to_board(g.board) is None: blink = post.postboards.first() if blink: return redirect( post.url_for(subdomain=blink.board.name, _external=True)) else: return redirect(post.url_for(subdomain=None, _external=True)) # If this post is past pending state and the domain doesn't match, redirect there if post.status not in POSTSTATUS.UNPUBLISHED and post.email_domain != domain: return redirect(post.url_for(), code=301) if post.status in [POSTSTATUS.DRAFT, POSTSTATUS.PENDING]: if not ((g.user and post.admin_is(g.user))): abort(403) if post.status in POSTSTATUS.GONE: abort(410) if g.user: jobview = UserJobView.get(post, g.user) if jobview is None: jobview = UserJobView(user=g.user, jobpost=post) post.uncache_viewcounts('viewed') cache.delete_memoized(viewstats_by_id_qhour, post.id) cache.delete_memoized(viewstats_by_id_hour, post.id) cache.delete_memoized(viewstats_by_id_day, post.id) db.session.add(jobview) try: db.session.commit() except IntegrityError: db.session.rollback() post.viewcounts # Re-populate cache else: jobview = None if g.anon_user: anonview = AnonJobView.get(post, g.anon_user) if not anonview: anonview = AnonJobView(jobpost=post, anon_user=g.anon_user) db.session.add(anonview) try: db.session.commit() except IntegrityError: db.session.rollback() if g.user: report = JobPostReport.query.filter_by(post=post, user=g.user).first() else: report = None g.jobpost_viewed = (post, getbool(request.args.get('b'))) reportform = forms.ReportForm(obj=report) reportform.report_code.choices = [ (ob.id, ob.title) for ob in ReportCode.query.filter_by(public=True).order_by('seq') ] rejectform = forms.RejectForm() moderateform = forms.ModerateForm() if request.method == 'GET': moderateform.reason.data = post.review_comments if g.board: pinnedform = forms.PinnedForm(obj=post.link_to_board(g.board)) else: pinnedform = forms.PinnedForm(obj=post) applyform = None # User isn't allowed to apply unless non-None if g.user: job_application = JobApplication.query.filter_by(user=g.user, jobpost=post).first() if not job_application: applyform = forms.ApplicationForm() applyform.apply_phone.data = g.user.phone elif g.kiosk and g.peopleflow_url: applyform = forms.KioskApplicationForm() job_application = None else: job_application = None if reportform.validate_on_submit(): if g.user: if report is None: report = JobPostReport(post=post, user=g.user) report.reportcode_id = reportform.report_code.data report.ipaddr = request.environ['REMOTE_ADDR'] report.useragent = request.user_agent.string db.session.add(report) db.session.commit() if request.is_xhr: return "<p>Thanks! This post has been flagged for review</p>" # FIXME: Ugh! else: flash("Thanks! This post has been flagged for review", "interactive") else: if request.is_xhr: return "<p>You need to be logged in to report a post</p>" # FIXME: Ugh! else: flash("You need to be logged in to report a post", "interactive") elif request.method == 'POST' and request.is_xhr: return render_template('inc/reportform.html', reportform=reportform) if post.company_url and post.status != POSTSTATUS.ANNOUNCEMENT: domain_mismatch = not base_domain_matches(post.company_url.lower(), post.email_domain.lower()) else: domain_mismatch = False if not g.kiosk: if g.preview_campaign: header_campaign = g.preview_campaign else: header_campaign = Campaign.for_context( CAMPAIGN_POSITION.HEADER, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids + post.geonameids) else: header_campaign = None if g.user and not g.kiosk: g.starred_ids = set(g.user.starred_job_ids(agelimit)) else: g.starred_ids = set() jobpost_ab = session_jobpost_ab() related_posts = post.related_posts() cache_viewcounts(related_posts) is_bgroup = getbool(request.args.get('b')) headline = post.headlineb if is_bgroup and post.headlineb else post.headline g.impressions = { rp.id: (False, rp.id, bgroup(jobpost_ab, rp)) for rp in related_posts } return render_template('detail.html', post=post, headline=headline, reportform=reportform, rejectform=rejectform, pinnedform=pinnedform, applyform=applyform, job_application=job_application, jobview=jobview, report=report, moderateform=moderateform, domain_mismatch=domain_mismatch, header_campaign=header_campaign, related_posts=related_posts, is_bgroup=is_bgroup, is_siteadmin=lastuser.has_permission('siteadmin'))
def newjob(): form = forms.ListingForm() archived_post = None if not g.user: return redirect(url_for('login', next=url_for('newjob'), message=u"Hasjob now requires you to login before posting a job. Please login as yourself." u" We'll add details about your company later")) else: if g.user.blocked: flash("Your account has been blocked from posting jobs", category='info') return redirect(url_for('index'), code=303) if g.board: if 'new-job' not in g.board.permissions(g.user): abort(403) if g.board and not g.board.require_pay: form.job_pay_type.choices = [(-1, u'Confidential')] + PAY_TYPE.items() form.job_type.choices = JobType.choices(g.board) form.job_category.choices = JobCategory.choices(g.board) if request.method == 'GET': header_campaign = Campaign.for_context(CAMPAIGN_POSITION.BEFOREPOST, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids) if g.user: # form.poster_name.data = g.user.fullname # Deprecated 2013-11-20 form.poster_email.data = g.user.email else: header_campaign = None # Job Reposting if request.method == 'GET' and request.args.get('template'): archived_post = JobPost.get(request.args['template']) if not archived_post: abort(404) if not archived_post.admin_is(g.user): abort(403) if not archived_post.is_old(): flash("This post is currently active and cannot be posted again.") return redirect(archived_post.url_for(), code=303) form.populate_from(archived_post) header_campaign = None if form.validate_on_submit(): # POST request from new job page, with successful validation # Move it to the editjob page for handling here forward newpost = { 'hashid': unique_hash(JobPost), 'ipaddr': request.environ['REMOTE_ADDR'], 'useragent': request.user_agent.string, 'user': g.user } return editjob(hashid=None, key=None, form=form, validated=True, newpost=newpost) elif form.errors: # POST request from new job page, with errors flash("Please review the indicated issues", category='interactive') # Render page. Execution reaches here under three conditions: # 1. GET request, page loaded for the first time # 2. POST request from this page, with errors return render_template('postjob.html', form=form, no_removelogo=True, archived_post=archived_post, header_campaign=header_campaign)
def confirm_demo(domain): footer_campaign = Campaign.for_context(CAMPAIGN_POSITION.AFTERPOST, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids) return render_template('mailsent.html', footer_campaign=footer_campaign)
def newjob(): form = forms.ListingForm() archived_post = None if not g.user: return redirect(url_for('login', next=url_for('newjob'), message=u"Hasjob now requires you to login before posting a job. Please login as yourself." u" We'll add details about your company later")) else: if g.user.blocked: flash("Your account has been blocked from posting jobs", category='info') return redirect(url_for('index'), code=303) if g.board: if 'new-job' not in g.board.permissions(g.user): abort(403) if g.board and not g.board.require_pay: form.job_pay_type.choices = [(-1, u'Confidential')] + PAY_TYPE.items() form.job_type.choices = JobType.choices(g.board) form.job_category.choices = JobCategory.choices(g.board) if request.method == 'GET': header_campaign = Campaign.for_context(CAMPAIGN_POSITION.BEFOREPOST, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids) if g.user: # form.poster_name.data = g.user.fullname # Deprecated 2013-11-20 form.poster_email.data = g.user.email else: header_campaign = None # Job Reposting if request.method == 'GET' and request.args.get('template'): archived_post = JobPost.get(request.args['template']) if not archived_post: abort(404) if not archived_post.admin_is(g.user): abort(403) if archived_post.state.LISTED: flash("This post is currently active and cannot be posted again.") return redirect(archived_post.url_for(), code=303) form.populate_from(archived_post) header_campaign = None if form.validate_on_submit(): # POST request from new job page, with successful validation # Move it to the editjob page for handling here forward newpost = { 'hashid': unique_hash(JobPost), 'ipaddr': request.environ['REMOTE_ADDR'], 'useragent': request.user_agent.string, 'user': g.user } return editjob(hashid=None, key=None, form=form, validated=True, newpost=newpost) elif form.errors: # POST request from new job page, with errors flash("Please review the indicated issues", category='interactive') # Render page. Execution reaches here under three conditions: # 1. GET request, page loaded for the first time # 2. POST request from this page, with errors return render_template('postjob.html.jinja2', form=form, no_removelogo=True, archived_post=archived_post, header_campaign=header_campaign)
def confirm_demo(domain): footer_campaign = Campaign.for_context(CAMPAIGN_POSITION.AFTERPOST, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids) return render_template('mailsent.html.jinja2', footer_campaign=footer_campaign)