예제 #1
0
    def _wall_events_query(self):
        """WallMixin implementation."""
        from ututi.lib.wall import generic_events_query
        evts_generic = generic_events_query()

        t_evt = meta.metadata.tables['events']
        t_wall_posts = meta.metadata.tables['wall_posts']

        locations = [loc.id for loc in c.location.flatten]
        subjects = meta.Session.query(Subject)\
            .filter(Subject.location_id.in_(locations))\
            .all()
        if self.feed_filter == 'sub_department':
            subject_ids = [subject.id for subject in self.sub_department.subjects
                           if check_crowds(["subject_accessor"], c.user, subject)]
        else:
            subject_ids = [subject.id for subject in subjects
                           if check_crowds(["subject_accessor"], c.user, subject)]
        public_groups = meta.Session.query(Group)\
            .filter(Group.location_id.in_(locations))\
            .filter(Group.forum_is_public == True)\
            .all()
        ids = [obj.id for obj in subjects + public_groups]

        obj_id_in_list = t_evt.c.object_id.in_(ids) if ids else False
        events_query = evts_generic
        if self.feed_filter == 'subjects':
            return events_query.where(or_(obj_id_in_list, t_wall_posts.c.subject_id.in_(subject_ids)))
        elif self.feed_filter == 'sub_department':
            return events_query.where(or_(t_evt.c.object_id.in_(subject_ids) if subject_ids else False, t_wall_posts.c.subject_id.in_(subject_ids)))
        elif self.feed_filter == 'discussions':
            return events_query.where(or_(t_wall_posts.c.target_location_id.in_(locations), t_wall_posts.c.subject_id.in_(subject_ids)))
        else:
            return events_query.where(or_(obj_id_in_list, t_wall_posts.c.target_location_id.in_(locations),
                                          t_wall_posts.c.subject_id.in_(subject_ids)))
예제 #2
0
    def remove_comment(self, id):
        comment = EventComment.get(id)
        if comment and (check_crowds(('owner',), c.user, comment) or check_crowds(('moderator',), c.user, comment.event.context)):
            comment.deleted_by = c.user.id
            meta.Session.add(comment)
            meta.Session.commit()

        self._redirect()
예제 #3
0
    def edit(self, subject):
        if subject.edit_settings_perm != 'everyone' and not check_crowds(['teacher', 'moderator'], c.user, subject):
            abort(403)

        defaults = {
            'id': subject.subject_id,
            'old_location': '/'.join(subject.location.path),
            'title': subject.title,
            'lecturer': subject.lecturer,
            'tags': ', '.join([tag.title for tag in subject.tags]),
            'description': subject.description,
            'subject_visibility': subject.visibility,
            'subject_edit': subject.edit_settings_perm,
            'subject_post_discussions': subject.post_discussion_perm,
            'sub_department_id': subject.sub_department_id
            }

        if subject.location is not None:
            location = dict([('location-%d' % n, tag)
                             for n, tag in enumerate(subject.location.hierarchy())])
        else:
            location = []

        defaults.update(location)
        return htmlfill.render(self._edit_form(), defaults=defaults)
예제 #4
0
 def create_subject_wall_post(self):
     subject = Subject.get_by_id(self.form_result['subject_id'])
     if subject.post_discussion_perm != 'everyone' and not check_crowds(['teacher', 'moderator'], c.user, subject):
         abort(403)
     self._create_wall_post(subject=subject,
                            content=self.form_result['post'])
     self._redirect()
예제 #5
0
 def create_subject_wall_post_js(self):
     subject = Subject.get_by_id(self.form_result['subject_id'])
     if subject.post_discussion_perm != 'everyone' and not check_crowds(['teacher', 'moderator'], c.user, subject):
         abort(403)
     post = self._create_wall_post(subject=subject,
                                   content=self.form_result['post'])
     evt = meta.Session.query(SubjectWallPostEvent).filter_by(object_id=post.id).one().wall_entry()
     return {'success': True, 'evt': evt}
예제 #6
0
 def members(self, group):
     c.group_menu_current_item = 'members'
     c.show_info = True
     self._set_up_member_info(group)
     if check_crowds(['admin', 'moderator'], context=group):
         return render('group/members_admin.mako')
     else:
         return render('group/members.mako')
예제 #7
0
 def _remove_wall_post(self, wall_post_id):
     post = meta.Session.query(WallPost).filter_by(id=wall_post_id).one()
     if post and check_crowds(('owner', 'moderator'), c.user, post):
         post.deleted_by = c.user.id
         meta.Session.add(post)
         meta.Session.commit()
         return True
     else:
         return False
예제 #8
0
    def can_manage_post(self, post):
        if c.user is None:
            return False # Anonymous users can not change anything.
        if (check_crowds(['admin', 'moderator']) if c.group is not None
            else check_crowds(['root'])):
            return True # Moderator can edit/delete anything.

        if not post.created_by == c.user.id:
            return False # Not the owner.
        if not self._forum_posts: # Cache query result.
            self._forum_posts = meta.Session.query(ForumPost)\
                .filter_by(category_id=c.category.id,
                           thread_id=c.thread.thread_id,
                           deleted_by=None)\
                .order_by(ForumPost.created_on).all()
        if post.id != self._forum_posts[-1].id: # Not the last message in thread.
            # TODO: Show a flash warning that the message could not be edited.
            return False
        return True
예제 #9
0
 def _protected_action(self, *args, **kwargs):
     if not check_crowds(['subject_accessor'], c.user, c.subject):
         location_link = ((c.subject.location.url(), ' '.join(c.subject.location.full_title_path))
                          if c.subject.visibility == 'department_members'
                          else (c.subject.location.root.url(), c.subject.location.root.title))
         deny(h.literal(_('Only %(location)s members can access see this subject.')
                        % dict(location=h.link_to(location_link[1], location_link[0]))), 401)
     c.user_can_edit_settings = c.user and (c.subject.edit_settings_perm == 'everyone' or check_crowds(['teacher', 'moderator'], c.user))
     c.user_can_post_discussions = c.user and (c.subject.post_discussion_perm == 'everyone' or check_crowds(['teacher', 'moderator'], c.user))
     return method(self, *args, **kwargs)
예제 #10
0
    def fn(*args, **kwargs):
        if c.group is not None:
            if not c.group.forum_is_public and not check_crowds(['member', 'moderator']):
                deny("This forum is not public", 401)
            if c.group.mailinglist_enabled:
                flash(_('The web-based forum for this group has been disabled.'
                        ' Please use the mailing list instead.'))
                redirect(url(controller='mailinglist', action='index', id=c.group_id))

        return m(*args, **kwargs)
예제 #11
0
 def home(self, group):
     if not c.user:
         abort(404);
     if check_crowds(["member", "admin"]):
         if request.params.get('do_not_watch'):
             group.wants_to_watch_subjects = False
             meta.Session.commit()
         self._set_home_variables(group)
         return render('group/home.mako')
     else:
         c.breadcrumbs = [{'title': group.title,
                           'link': url(controller='group', action='home', id=c.group.group_id)}]
         return render('group/home_public.mako')
예제 #12
0
    def _move(self, source, file):
        source_folder = file.folder
        delete = asbool(request.POST.get('remove', False))
        if delete:
            if check_crowds(['owner', 'moderator', 'admin']):
                file.deleted = c.user
            else:
                abort(501)
        else:
            file.folder = request.POST['target_folder']
            file.deleted = None

        if source_folder and source.getFolder(source_folder) is None:
            source.files.append(File.makeNullFile(source_folder))

        meta.Session.commit()
        return render_mako_def('/sections/files.mako','file', file=file)
예제 #13
0
def subject_menu_items():
    items = [
        {'title': _("Info"),
         'name': 'info',
         'link': c.subject.url(action='info')},
        {'title': _("News feed"),
         'name': 'feed',
         'link': c.subject.url(action='feed')},
        {'title': _("Files"),
         'name': 'files',
         'link': c.subject.url(action='files')},
        {'title': _("Notes"),
         'name': 'pages',
         'link': c.subject.url(action='pages')}]
    if c.user and c.subject.post_discussion_perm == 'everyone' or check_crowds(['teacher', 'moderator'], c.user):
        items.append({'title': _("Discussions"),
                      'name': 'discussions',
                      'link': c.subject.url(action='feed', filter='discussions')})
    return items
예제 #14
0
    def update(self, subject):
        if not hasattr(self, 'form_result'):
            redirect(url(controller='subject', action='add'))

        #check if we need to regenerate the id
        clash = Subject.get(self.form_result.get('location', None), subject.subject_id)
        if clash is not None and clash is not subject:
            subject.subject_id = subject.generate_new_id()

        subject.title = self.form_result['title']
        subject.lecturer = self.form_result['lecturer']
        subject.location = self.form_result['location']
        subject.description = self.form_result.get('description', None)
        subject.sub_department_id = self.form_result.get('sub_department_id', None)

        #check to see what kind of tags we have got
        tags = [tag.strip().lower() for tag in self.form_result.get('tagsitem', []) if len(tag.strip().lower()) < 250 and tag.strip() != '']
        if tags == []:
            tags = [tag.strip().lower() for tag in self.form_result.get('tags', '').split(',') if len(tag.strip()) < 250 and tag.strip() != '']

        subject.tags = []
        for tag in tags:
            subject.tags.append(SimpleTag.get(tag))

        # update subject permissions
        if check_crowds(["teacher", "moderator", "root"], c.user, subject) and 'subject_visibility' in self.form_result:
            subject.visibility = self.form_result['subject_visibility']
            subject.edit_settings_perm = self.form_result['subject_edit']
            subject.post_discussion_perm = self.form_result['subject_post_discussions']
            # remove subject from watched list for users who can't view subject anymore
            if subject.visibility != 'everyone':
                crowd_fn = is_university_member if subject.visibility == 'university_members' else is_department_member
                for watcher in subject.watching_users:
                    if not crowd_fn(watcher.user, subject):
                        watcher.user.unwatchSubject(subject)

        meta.Session.commit()

        redirect(url(controller='subject',
                    action='home',
                    id=subject.subject_id,
                    tags=subject.location_path))
예제 #15
0
 def fn(*args, **kwargs):
     if not (c.group.forum_is_public or check_crowds(['member', 'admin'])):
         deny("This mailing list is not public", 401)
     return m(*args, **kwargs)
예제 #16
0
 def _edit_form(self):
     c.notabs = True
     c.show_permission_settings = check_crowds(["teacher", "moderator", "root"], c.user, c.subject)
     return render('subject/edit.mako')
예제 #17
0
 def index(self, group):
     if check_crowds(["member", "admin"]):
         redirect(url(controller='group', action=c.group.default_tab, id=group.group_id))
     else:
         redirect(url(controller='group', action='home', id=group.group_id))
예제 #18
0
 def can_post(self, user):
     return user is not None and (not c.group_id or check_crowds(['member', 'admin', 'moderator']))
예제 #19
0
 def fn(*args, **kwargs):
     if c.group is not None:
         if not check_crowds(['member', 'moderator']):
             deny("Only members can post", 401)
     return m(*args, **kwargs)