def moderatejob(domain, hashid): post = JobPost.query.filter_by(hashid=hashid).first_or_404() if post.status in [POSTSTATUS.DRAFT, POSTSTATUS.PENDING]: abort(403) if post.status in [ POSTSTATUS.REJECTED, POSTSTATUS.WITHDRAWN, POSTSTATUS.SPAM ]: abort(410) moderateform = forms.ModerateForm() if moderateform.validate_on_submit(): post.closed_datetime = datetime.utcnow() post.review_comments = moderateform.reason.data post.review_datetime = datetime.utcnow() post.reviewer = g.user flashmsg = "This job post has been moderated." post.status = POSTSTATUS.MODERATED msg = Message(subject="About your job post on Hasjob", recipients=[post.email]) msg.body = render_template("moderate_email.md", post=post) msg.html = markdown(msg.body) mail.send(msg) db.session.commit() if request.is_xhr: return "<p>%s</p>" % flashmsg elif request.method == 'POST' and request.is_xhr: return render_template('inc/moderateform.html', post=post, moderateform=moderateform) return redirect(post.url_for(), code=303)
def jobdetail(domain, hashid): post = JobPost.query.filter_by(hashid=hashid).first_or_404() # If we're on a board (that's now 'www') and this post isn't on this board, # redirect to (a) the first board it is on, or (b) on the root domain (which may # be the 'www' board, which is why we don't bother to redirect if we're currently # in the 'www' board) if g.board and g.board.not_root and post.link_to_board(g.board) is None: blink = post.postboards.first() if blink: return redirect( post.url_for(subdomain=blink.board.name, _external=True)) else: return redirect(post.url_for(subdomain=None, _external=True)) # If this post is past pending state and the domain doesn't match, redirect there if post.status not in POSTSTATUS.UNPUBLISHED and post.email_domain != domain: return redirect(post.url_for(), code=301) if post.status in [POSTSTATUS.DRAFT, POSTSTATUS.PENDING]: if not ((g.user and post.admin_is(g.user))): abort(403) if post.status in POSTSTATUS.GONE: abort(410) if g.user: jobview = UserJobView.get(post, g.user) if jobview is None: jobview = UserJobView(user=g.user, jobpost=post) post.uncache_viewcounts('viewed') cache.delete_memoized(viewstats_by_id_qhour, post.id) cache.delete_memoized(viewstats_by_id_hour, post.id) cache.delete_memoized(viewstats_by_id_day, post.id) db.session.add(jobview) try: db.session.commit() except IntegrityError: db.session.rollback() post.viewcounts # Re-populate cache else: jobview = None if g.anon_user: anonview = AnonJobView.get(post, g.anon_user) if not anonview: anonview = AnonJobView(jobpost=post, anon_user=g.anon_user) db.session.add(anonview) try: db.session.commit() except IntegrityError: db.session.rollback() if g.user: report = JobPostReport.query.filter_by(post=post, user=g.user).first() else: report = None g.jobpost_viewed = (post, getbool(request.args.get('b'))) reportform = forms.ReportForm(obj=report) reportform.report_code.choices = [ (ob.id, ob.title) for ob in ReportCode.query.filter_by(public=True).order_by('seq') ] rejectform = forms.RejectForm() moderateform = forms.ModerateForm() if request.method == 'GET': moderateform.reason.data = post.review_comments if g.board: pinnedform = forms.PinnedForm(obj=post.link_to_board(g.board)) else: pinnedform = forms.PinnedForm(obj=post) applyform = None # User isn't allowed to apply unless non-None if g.user: job_application = JobApplication.query.filter_by(user=g.user, jobpost=post).first() if not job_application: applyform = forms.ApplicationForm() applyform.apply_phone.data = g.user.phone elif g.kiosk and g.peopleflow_url: applyform = forms.KioskApplicationForm() job_application = None else: job_application = None if reportform.validate_on_submit(): if g.user: if report is None: report = JobPostReport(post=post, user=g.user) report.reportcode_id = reportform.report_code.data report.ipaddr = request.environ['REMOTE_ADDR'] report.useragent = request.user_agent.string db.session.add(report) db.session.commit() if request.is_xhr: return "<p>Thanks! This post has been flagged for review</p>" # FIXME: Ugh! else: flash("Thanks! This post has been flagged for review", "interactive") else: if request.is_xhr: return "<p>You need to be logged in to report a post</p>" # FIXME: Ugh! else: flash("You need to be logged in to report a post", "interactive") elif request.method == 'POST' and request.is_xhr: return render_template('inc/reportform.html', reportform=reportform) if post.company_url and post.status != POSTSTATUS.ANNOUNCEMENT: domain_mismatch = not base_domain_matches(post.company_url.lower(), post.email_domain.lower()) else: domain_mismatch = False if not g.kiosk: if g.preview_campaign: header_campaign = g.preview_campaign else: header_campaign = Campaign.for_context( CAMPAIGN_POSITION.HEADER, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids + post.geonameids) else: header_campaign = None if g.user and not g.kiosk: g.starred_ids = set(g.user.starred_job_ids(agelimit)) else: g.starred_ids = set() jobpost_ab = session_jobpost_ab() related_posts = post.related_posts() cache_viewcounts(related_posts) is_bgroup = getbool(request.args.get('b')) headline = post.headlineb if is_bgroup and post.headlineb else post.headline g.impressions = { rp.id: (False, rp.id, bgroup(jobpost_ab, rp)) for rp in related_posts } return render_template('detail.html', post=post, headline=headline, reportform=reportform, rejectform=rejectform, pinnedform=pinnedform, applyform=applyform, job_application=job_application, jobview=jobview, report=report, moderateform=moderateform, domain_mismatch=domain_mismatch, header_campaign=header_campaign, related_posts=related_posts, is_bgroup=is_bgroup, is_siteadmin=lastuser.has_permission('siteadmin'))
def jobdetail(hashid): post = JobPost.query.filter_by(hashid=hashid).first_or_404() if g.board and post.link_to_board(g.board) is None: blink = post.postboards.first() if blink: return redirect( url_for('jobdetail', hashid=post.hashid, subdomain=blink.board.name, _external=True)) else: return redirect( url_for('jobdetail', hashid=post.hashid, subdomain=None, _external=True)) if post.status in [POSTSTATUS.DRAFT, POSTSTATUS.PENDING]: if not ((g.user and post.admin_is(g.user)) or post.edit_key in session.get('userkeys', [])): abort(403) if post.status in POSTSTATUS.GONE: abort(410) if g.user: jobview = UserJobView.query.get((g.user.id, post.id)) if jobview is None: jobview = UserJobView(user=g.user, jobpost=post) cache.delete_memoized(viewcounts_by_id, post.id) cache.delete_memoized(viewstats_by_id_qhour, post.id) cache.delete_memoized(viewstats_by_id_hour, post.id) cache.delete_memoized(viewstats_by_id_day, post.id) db.session.add(jobview) try: db.session.commit() except IntegrityError: db.session.rollback() pass # User opened two tabs at once? We don't really know viewcounts_by_id(post.id) # Re-populate cache else: jobview = None if g.user: report = JobPostReport.query.filter_by(post=post, user=g.user).first() else: report = None reportform = forms.ReportForm(obj=report) reportform.report_code.choices = [ (ob.id, ob.title) for ob in ReportCode.query.filter_by(public=True).order_by('seq') ] rejectform = forms.RejectForm() moderateform = forms.ModerateForm() if request.method == 'GET': moderateform.reason.data = post.review_comments if g.board: pinnedform = forms.PinnedForm(obj=post.link_to_board(g.board)) else: pinnedform = forms.PinnedForm(obj=post) applyform = None # User isn't allowed to apply unless non-None if g.user: job_application = JobApplication.query.filter_by(user=g.user, jobpost=post).first() if not job_application: applyform = forms.ApplicationForm() applyform.apply_phone.data = g.user.phone elif g.kiosk and g.peopleflow_url: applyform = forms.KioskApplicationForm() job_application = None else: job_application = None if reportform.validate_on_submit(): if g.user: if report is None: report = JobPostReport(post=post, user=g.user) report.reportcode_id = reportform.report_code.data report.ipaddr = request.environ['REMOTE_ADDR'] report.useragent = request.user_agent.string db.session.add(report) db.session.commit() if request.is_xhr: return "<p>Thanks! This listing has been flagged for review</p>" # FIXME: Ugh! else: flash("Thanks! This listing has been flagged for review", "interactive") else: if request.is_xhr: return "<p>You need to be logged in to report a listing</p>" # FIXME: Ugh! else: flash("You need to be logged in to report a listing", "interactive") elif request.method == 'POST' and request.is_xhr: return render_template('inc/reportform.html', reportform=reportform) if post.company_url and post.status != POSTSTATUS.ANNOUNCEMENT: domain_mismatch = not base_domain_matches(post.company_url.lower(), post.email_domain.lower()) else: domain_mismatch = False return render_template('detail.html', post=post, reportform=reportform, rejectform=rejectform, pinnedform=pinnedform, applyform=applyform, job_application=job_application, jobview=jobview, report=report, moderateform=moderateform, domain_mismatch=domain_mismatch, siteadmin=lastuser.has_permission('siteadmin'))