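def add_volunteer():
    """Add or remove a volunteer record on behalf of a moderator.

    Reads a JSON body with ``user_id``, ``action`` ("add" or "remove") and,
    for "add", ``type``. The outcome is reported as a status string in the
    response body: "200" on success, "400" for a malformed request or an
    already-registered volunteer, "403" when the caller is not a logged-in
    moderator. An unknown ``user_id`` aborts through ``get_or_404``.
    """
    if 'user' not in session:
        return '403'
    logged_user = Users.query.filter_by(id=session['user']).first()
    # Fail closed when the session points at an account that no longer exists,
    # instead of relying on how is_moderator() treats None.
    if logged_user is None or not is_moderator(logged_user):
        return '403'

    # NOTE(review): this state-changing endpoint is authorised by the session
    # alone - confirm that the app's CSRF protection also covers JSON requests.
    data = request.get_json()
    # A missing body or missing key used to surface as an unhandled
    # TypeError/KeyError; report it the same way as an unknown action.
    if not isinstance(data, dict) or 'user_id' not in data:
        return "400"
    user_id = data['user_id']
    action = data.get('action')

    if action == "remove":
        db.session.delete(Volunteer.query.get_or_404(user_id))
    elif action == "add":
        if 'type' not in data:
            return "400"
        # NOTE(review): the volunteer type is stored exactly as sent; if only
        # a fixed set of types is valid, check it against that set here.
        volunteer_type = data['type']
        user = Users.query.get_or_404(user_id)
        if Volunteer.query.get(user_id):
            # Already a volunteer: refuse to create a duplicate record.
            return "400"
        db.session.add(
            Volunteer(volunteer_user=user, volunteer_type=volunteer_type))
    else:
        return "400"

    db.session.commit()
    return "200"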
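def inject_logged_user_data_for_all_templates():
    """Build the dictionary of values made available to the templates.

    Returns a dict with these keys:
        logged_user: the Users row for the session, or None.
        moderator: "yes" or "no".
        notifications: the five most recent notifications visible to the
            visitor (their own plus those with recipient_id 0).
        new_notifications: count of visible notifications posted since the
            user's last_message_read_time; for anonymous visitors, the
            length of ``notifications`` (so at most five).
        volunteered: callable telling whether a user has a Volunteer row.
    """
    logged_user = None
    if 'user' in session:
        # A session id without a matching row yields None and is handled
        # like an anonymous visitor below.
        logged_user = Users.query.filter_by(id=session['user']).first()

    if logged_user:
        moderator = "yes" if is_moderator(logged_user) else "no"
        # Personal notifications plus recipient_id 0 (messages for all users).
        visible = or_(Notification.recipient == logged_user,
                      Notification.recipient_id == 0)
        notifications = (Notification.query.filter(visible)
                         .order_by(Notification.date_posted.desc())
                         .limit(5).all())
        new_notifications = (
            Notification.query.filter(visible)
            .filter(Notification.date_posted >=
                    logged_user.last_message_read_time)
            .count())
    else:
        moderator = "no"
        # Only this branch runs the all-users query. It used to be passed as
        # a setdefault() argument, so it was executed on every call even when
        # its result was discarded for a logged-in user.
        notifications = (Notification.query.filter_by(recipient_id=0)
                         .order_by(Notification.date_posted.desc())
                         .limit(5).all())
        new_notifications = len(notifications)

    return {
        'logged_user': logged_user,
        'moderator': moderator,
        'notifications': notifications,
        'new_notifications': new_notifications,
        # Helper callable for templates.
        'volunteered': lambda user: bool(Volunteer.query.get(user.id)),
    }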
def translate_edit_proposal(law_id, proposal_id):
    """Show or save the Arabic translation of an edit proposal.

    Visitors without a session are flashed a message and redirected to the
    login page; logged-in users who are not moderators get a 403. Any method
    other than POST pre-fills the form from the stored proposal and renders
    it. A POST copies the three Arabic fields from the form onto the
    proposal, commits, and redirects to the proposal page.
    """
    if 'user' not in session:
        flash('you need to be logged in')
        return redirect(url_for('users.login'))
    current_user = Users.query.filter_by(id=session['user']).first()
    if not is_moderator(current_user):
        abort(403)

    # The proposal is looked up by proposal_id alone; law_id is only passed
    # on to the redirect URL.
    proposal = Proposal.query.get_or_404(proposal_id)
    form = TranslateEditProposal()
    arabic_fields = ('title_arabic', 'explanation_arabic', 'info_arabic')

    if request.method != 'POST':
        for field_name in arabic_fields:
            getattr(form, field_name).data = getattr(proposal, field_name)
        return render_template('translate_edit_proposal.html',
                               translate_edit_proposal_form=form,
                               edit_proposal=proposal)

    # NOTE(review): the submitted values are stored without calling
    # form.validate_on_submit(). If TranslateEditProposal is a Flask-WTF
    # form (presumably - confirm), its field validators and CSRF token
    # check only run during validation, so neither applies on this path.
    for field_name in arabic_fields:
        setattr(proposal, field_name, getattr(form, field_name).data)
    db.session.commit()
    return redirect(url_for('proposals.edit_proposal',
                            law_id=law_id,
                            proposal_id=proposal_id))
def update_edit_proposal(law_id, proposal_id):
    """Show or save the title, explanation and info of an edit proposal.

    Visitors without a session are flashed a message and redirected to the
    login page; logged-in users who are not moderators get a 403. Editing is
    refused, with a redirect to the law page, unless the law the proposal
    was posted at has a date_posted at or after the server state's
    'discussion-start' value.
    """
    if 'user' not in session:
        flash('you need to be logged in')
        return redirect(url_for('users.login'))
    current_user = Users.query.filter_by(id=session['user']).first()
    if not is_moderator(current_user):
        abort(403)

    # The proposal is looked up by proposal_id alone; law_id is only passed
    # on to the redirect URL.
    proposal = Proposal.query.get_or_404(proposal_id)

    law_posted_on = proposal.posted_at.date_posted
    discussion_start = ServerState.get_state()['discussion-start']
    under_discussion = law_posted_on >= discussion_start
    if not under_discussion:
        flash("Cannot update edit-proposal when law isn't under discussion",
              'info')
        return redirect(url_for('laws.law', _id_=proposal.posted_at.id))

    form = UpdateEditProposal()
    editable_fields = ('title', 'explanation', 'info')

    if request.method != 'POST':
        for field_name in editable_fields:
            getattr(form, field_name).data = getattr(proposal, field_name)
        return render_template('update_edit_proposal.html',
                               update_edit_proposal_form=form)

    # NOTE(review): the submitted values are stored without calling
    # form.validate_on_submit(). If UpdateEditProposal is a Flask-WTF form
    # (presumably - confirm), its field validators and CSRF token check only
    # run during validation, so neither applies on this path.
    for field_name in editable_fields:
        setattr(proposal, field_name, getattr(form, field_name).data)
    db.session.commit()
    return redirect(url_for('proposals.edit_proposal',
                            law_id=law_id,
                            proposal_id=proposal_id))
def signup():
    """Create a user account; only moderators reach the signup form.

    Anyone without a moderator session is shown the enrollment page with the
    list of 'sign_up_collector' volunteers. A moderator gets the signup form;
    a valid POST is rejected if the membership id or username is already
    taken, otherwise the password is hashed, the user is stored, and the
    browser is redirected to the index page.
    """

    def enrollment_page():
        # NOTE(review): this filters Volunteer on `type`, while add_volunteer
        # in this file constructs rows with `volunteer_type=` - confirm both
        # names exist on the model.
        collectors = Volunteer.query.filter_by(type='sign_up_collector').all()
        return render_template("enrollment.html", volunteers=collectors)

    def signup_page(form):
        return render_template("signup.html", signup_form=form)

    if 'user' not in session:
        return enrollment_page()
    moderator = Users.query.filter_by(id=session['user']).first()
    if not is_moderator(moderator):
        return enrollment_page()

    form = SignupForm()
    # Validation is only attempted for POST requests, as before.
    if request.method != "POST" or not form.validate_on_submit():
        return signup_page(form)

    if Users.query.filter_by(membership_id=form.membership_id.data).first():
        form.membership_id.errors = [
            'user with this Membership ID already exist'
        ]
        return signup_page(form)

    # NOTE(review): the lookup uses `user_name` but the account below is
    # created with `name=` - confirm which column the Users model defines.
    if Users.query.filter_by(user_name=form.username.data).first():
        form.username.errors = ['user with this username already exist']
        return signup_page(form)

    session.permanent = form.remember.data
    # Only the hash of the password is stored on the user row.
    password_hash = crypt.generate_password_hash(form.password.data)
    password_hash = password_hash.decode('utf-8')
    new_user = Users(
        membership_id=form.membership_id.data,
        name=form.username.data,
        password=password_hash,
        gender=form.gender.data,
        email=form.email.data,
        governorate=form.governorate.data,
        district=form.district.data,
        civil_registry_num=form.civil_registry_num.data,
        national_identity_num=form.national_identity_num.data,
        birth_date=form.birth_date.data,
        phone_number=form.phone_number.data,
    )
    db.session.add(new_user)
    db.session.commit()

    # NOTE(review): this replaces the moderator's session identity with the
    # account that was just created, so the moderator continues as the new
    # user - confirm that is intended.
    session["user"] = new_user.id
    flash('Signed Up successfully', 'info')
    return redirect(url_for("main.index"))
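def delete():
    """Remove a proposal on behalf of a moderator.

    Reads ``proposal_id`` from the JSON body. Visitors without a session are
    redirected to the login page. Otherwise the outcome is a status string in
    the response body: "200" on success, "400" when the body carries no
    ``proposal_id``, "403" when the caller is not a moderator.
    """
    if 'user' not in session:
        flash('you need to be logged in')
        return redirect(url_for('users.login'))
    logged_user = Users.query.filter_by(id=session['user']).first()
    # Fail closed when the session points at an account that no longer exists,
    # instead of relying on how is_moderator() treats None.
    if logged_user is None or not is_moderator(logged_user):
        return "403"

    # NOTE(review): this state-changing endpoint is authorised by the session
    # alone - confirm that the app's CSRF protection also covers JSON requests.
    payload = request.get_json()
    # A missing body or key used to surface as an unhandled TypeError/KeyError.
    if not isinstance(payload, dict) or 'proposal_id' not in payload:
        return "400"

    Proposal.remove(proposal_id=payload['proposal_id'])
    db.session.commit()
    return "200"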
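def delete_profile():
    """Delete a user account on behalf of a moderator.

    Reads ``user_id`` from the JSON body. Visitors without a session are
    redirected to the login page. Otherwise the outcome is a status string in
    the response body: "200" on success, "400" when the body carries no
    ``user_id``, "403" when the caller is not a moderator. An unknown
    ``user_id`` aborts with a 404.
    """
    if 'user' not in session:
        # The redirect was previously built but never returned, so execution
        # fell through to session['user'] and raised KeyError.
        return redirect(url_for('users.login'))
    logged_user = Users.query.filter_by(id=session['user']).first()
    # Fail closed when the session points at an account that no longer exists,
    # instead of relying on how is_moderator() treats None.
    if logged_user is None or not is_moderator(logged_user):
        return "403"

    # NOTE(review): this state-changing endpoint is authorised by the session
    # alone - confirm that the app's CSRF protection also covers JSON requests.
    payload = request.get_json()
    # A missing body or key used to surface as an unhandled TypeError/KeyError.
    if not isinstance(payload, dict) or 'user_id' not in payload:
        return "400"

    # first() returned None for an unknown id and the delete below then
    # raised; answer with a 404 instead.
    user = Users.query.filter_by(id=payload['user_id']).first_or_404()
    db.session.delete(user)
    db.session.commit()
    return "200"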
def add_notification():
    """Let a moderator post a notification through NotificationForm.

    Visitors without a session are flashed a message and redirected to the
    login page. Non-moderators get a 403 abort on GET and the string '403'
    on any other method. A validated form creates the notification and
    redirects to the index page; otherwise the form is rendered.
    """
    if 'user' not in session:
        flash('you need to be logged in')
        return redirect(url_for('users.login'))

    current_user = Users.query.filter_by(id=session['user']).first()
    if not is_moderator(current_user):
        if request.method == 'GET':
            return abort(403)
        return '403'

    form = NotificationForm()
    if not form.validate_on_submit():
        return render_template('add_notification.html',
                               notification_form=form)

    # The recipient id comes from the form and is cast to int; elsewhere in
    # this file recipient_id 0 is queried as a message for all users.
    recipient = int(form.recipient_id.data)
    db.session.add(
        Notification(recipient_id=recipient, message=form.message.data))
    db.session.commit()
    return redirect(url_for('main.index'))