def add_volunteer():
if 'user' not in session:
return '403'
logged_user = Users.query.filter_by(id=session['user']).first()
if not is_moderator(logged_user):
return '403'
data = request.get_json()
user_id = data['user_id']
volunteer_type = data['type']
action = data['action']
if action == "remove":
db.session.delete(Volunteer.query.get_or_404(user_id))
elif action == "add":
user = Users.query.get_or_404(user_id)
volunteer = Volunteer.query.get(user_id)
if volunteer:
return "400"
volunteer = Volunteer(volunteer_user=user,
volunteer_type=volunteer_type)
db.session.add(volunteer)
else:
return "400"
db.session.commit()
return "200"
def inject_logged_user_data_for_all_templates():
data = dict()
if 'user' in session:
data['logged_user'] = Users.query.filter_by(id=session['user']).first()
if data['logged_user']:
data['moderator'] = "yes" if is_moderator(
data['logged_user']) else "no"
data['notifications'] = Notification.query\
.filter(or_(Notification.recipient == data['logged_user'], Notification.recipient_id == 0))\
.order_by(Notification.date_posted.desc()).limit(5).all()
data['new_notifications'] = Notification.query\
.filter(or_(Notification.recipient == data['logged_user'], Notification.recipient_id == 0))\
.filter(Notification.date_posted >= data['logged_user'].last_message_read_time).count()
data.setdefault('moderator', 'no')
data.setdefault('logged_user', None)
data.setdefault(
'notifications',
Notification.query.filter_by(recipient_id=0) # pan-users messages
.order_by(Notification.date_posted.desc()).limit(5).all())
data.setdefault('new_notifications', data['notifications'].__len__())
# functions
data['volunteered'] = lambda user: True if Volunteer.query.get(user.id
) else False
return data
def translate_edit_proposal(law_id, proposal_id):
if 'user' not in session:
flash('you need to be logged in')
return redirect(url_for('users.login'))
logged_user = Users.query.filter_by(id=session['user']).first()
if not is_moderator(logged_user):
abort(403)
proposal = Proposal.query.get_or_404(proposal_id)
translate_edit_proposal_form = TranslateEditProposal()
if request.method == 'POST':
proposal.title_arabic = translate_edit_proposal_form.title_arabic.data
proposal.explanation_arabic = translate_edit_proposal_form.explanation_arabic.data
proposal.info_arabic = translate_edit_proposal_form.info_arabic.data
db.session.commit()
return redirect(
url_for('proposals.edit_proposal',
law_id=law_id,
proposal_id=proposal_id))
else:
translate_edit_proposal_form.info_arabic.data = proposal.info_arabic
translate_edit_proposal_form.title_arabic.data = proposal.title_arabic
translate_edit_proposal_form.explanation_arabic.data = proposal.explanation_arabic
return render_template(
'translate_edit_proposal.html',
translate_edit_proposal_form=translate_edit_proposal_form,
edit_proposal=proposal)
def update_edit_proposal(law_id, proposal_id):
if 'user' not in session:
flash('you need to be logged in')
return redirect(url_for('users.login'))
logged_user = Users.query.filter_by(id=session['user']).first()
if not is_moderator(logged_user):
abort(403)
proposal = Proposal.query.get_or_404(proposal_id)
if not proposal.posted_at.date_posted >= ServerState.get_state(
)['discussion-start']:
flash("Cannot update edit-proposal when law isn't under discussion",
'info')
return redirect(url_for('laws.law', _id_=proposal.posted_at.id))
update_edit_proposal_form = UpdateEditProposal()
if request.method == 'POST':
proposal.title = update_edit_proposal_form.title.data
proposal.explanation = update_edit_proposal_form.explanation.data
proposal.info = update_edit_proposal_form.info.data
db.session.commit()
return redirect(
url_for('proposals.edit_proposal',
law_id=law_id,
proposal_id=proposal_id))
else:
update_edit_proposal_form.info.data = proposal.info
update_edit_proposal_form.title.data = proposal.title
update_edit_proposal_form.explanation.data = proposal.explanation
return render_template(
'update_edit_proposal.html',
update_edit_proposal_form=update_edit_proposal_form)
def signup():
if 'user' not in session:
volunteers = Volunteer.query.filter_by(type='sign_up_collector').all()
return render_template("enrollment.html", volunteers=volunteers)
moderator = Users.query.filter_by(id=session['user']).first()
if not is_moderator(moderator):
volunteers = Volunteer.query.filter_by(type='sign_up_collector').all()
return render_template("enrollment.html", volunteers=volunteers)
signup_form = SignupForm()
if request.method == "POST":
if signup_form.validate_on_submit():
found_user_by_id = Users.query.filter_by(
membership_id=signup_form.membership_id.data).first()
if found_user_by_id:
signup_form.membership_id.errors = [
'user with this Membership ID already exist'
]
return render_template("signup.html", signup_form=signup_form)
found_user_by_name = Users.query.filter_by(
user_name=signup_form.username.data).first()
if found_user_by_name:
signup_form.username.errors = [
'user with this username already exist'
]
return render_template("signup.html", signup_form=signup_form)
session.permanent = signup_form.remember.data
hashed_password = crypt.generate_password_hash(
signup_form.password.data).decode('utf-8')
user = Users(
membership_id=signup_form.membership_id.data,
name=signup_form.username.data,
password=hashed_password,
gender=signup_form.gender.data,
email=signup_form.email.data,
governorate=signup_form.governorate.data,
district=signup_form.district.data,
civil_registry_num=signup_form.civil_registry_num.data,
national_identity_num=signup_form.national_identity_num.data,
birth_date=signup_form.birth_date.data,
phone_number=signup_form.phone_number.data)
db.session.add(user)
db.session.commit()
session["user"] = user.id
flash('Signed Up successfully', 'info')
return redirect(url_for("main.index"))
else:
return render_template("signup.html", signup_form=signup_form)
else:
return render_template("signup.html", signup_form=signup_form)
def delete():
if 'user' not in session:
flash('you need to be logged in')
return redirect(url_for('users.login'))
logged_user = Users.query.filter_by(id=session['user']).first()
if not is_moderator(logged_user):
return "403"
proposal_id = request.get_json()['proposal_id']
Proposal.remove(proposal_id=proposal_id)
db.session.commit()
return "200"
def delete_profile():
"""
doesn't allow user to access anything
"""
if 'user' not in session:
redirect(url_for('users.login'))
logged_user = Users.query.filter_by(id=session['user']).first()
if not is_moderator(logged_user):
return "403"
user_id = request.get_json()['user_id']
user = Users.query.filter_by(id=user_id).first()
db.session.delete(user)
db.session.commit()
return "200"
def add_notification():
if 'user' not in session:
flash('you need to be logged in')
return redirect(url_for('users.login'))
logged_user = Users.query.filter_by(id=session['user']).first()
if not is_moderator(logged_user):
return abort(403) if request.method == 'GET' else '403'
notification_form = NotificationForm()
if notification_form.validate_on_submit():
notification = Notification(recipient_id=int(
notification_form.recipient_id.data),
message=notification_form.message.data)
db.session.add(notification)
db.session.commit()
return redirect(url_for('main.index'))
return render_template('add_notification.html',
notification_form=notification_form)