def index(request):
"""
the page from which one chooses how to log in.
"""
user = get_user(request)
# single auth system?
if len(helios_auth.ENABLED_AUTH_SYSTEMS) == 1 and not user:
return HttpResponseRedirect(
reverse(start, args=[helios_auth.ENABLED_AUTH_SYSTEMS[0]]) +
'?return_url=' + request.GET.get('return_url', ''))
#if helios_auth.DEFAULT_AUTH_SYSTEM and not user:
# return HttpResponseRedirect(reverse(start, args=[helios_auth.DEFAULT_AUTH_SYSTEM])+ '?return_url=' + request.GET.get('return_url', ''))
default_auth_system_obj = None
if helios_auth.DEFAULT_AUTH_SYSTEM:
default_auth_system_obj = AUTH_SYSTEMS[helios_auth.DEFAULT_AUTH_SYSTEM]
#form = password.LoginForm()
return render_template(
request, 'index', {
'return_url': request.GET.get('return_url', '/'),
'enabled_auth_systems': helios_auth.ENABLED_AUTH_SYSTEMS,
'default_auth_system': helios_auth.DEFAULT_AUTH_SYSTEM,
'default_auth_system_obj': default_auth_system_obj
})
def can_create_election(request):
user = get_user(request)
if not user:
return False
if helios.ADMIN_ONLY:
return user.admin_p
else:
return user.can_create_election()
def election_admin_wrapper(request, election_uuid=None, *args, **kw):
election = get_election_by_uuid(election_uuid)
user = get_user(request)
if not user_can_admin_election(user, election):
raise PermissionDenied()
# do checks
do_election_checks(election, checks)
return func(request, election, *args, **kw)
def render_template(request, template_name, vars={}):
t = loader.get_template(template_name + '.html')
vars_with_user = vars.copy()
vars_with_user['user'] = get_user(request)
vars_with_user['settings'] = settings
vars_with_user['CURRENT_URL'] = request.path
# csrf protection
if request.session.has_key('csrf_token'):
vars_with_user['csrf_token'] = request.session['csrf_token']
return render_to_response('server_ui/templates/%s.html' % template_name,
vars_with_user)
def prepare_vars(request, vars):
vars_with_user = vars.copy()
if request:
vars_with_user['user'] = get_user(request)
vars_with_user['csrf_token'] = request.session['csrf_token']
vars_with_user['SECURE_URL_HOST'] = settings.SECURE_URL_HOST
vars_with_user['STATIC'] = '/static'
vars_with_user['MEDIA_URL'] = '/static/'
vars_with_user['TEMPLATE_BASE'] = helios_auth.TEMPLATE_BASE
vars_with_user['settings'] = settings
return vars_with_user
def prepare_vars(request, vars):
vars_with_user = vars.copy()
vars_with_user['user'] = get_user(request)
# csrf protection
if 'csrf_token' in request.session:
vars_with_user['csrf_token'] = request.session['csrf_token']
vars_with_user['utils'] = utils
vars_with_user['settings'] = settings
vars_with_user['HELIOS_STATIC'] = '/static/js'
vars_with_user['TEMPLATE_BASE'] = helios.TEMPLATE_BASE
vars_with_user['CURRENT_URL'] = request.path
vars_with_user['SECURE_URL_HOST'] = settings.SECURE_URL_HOST
return vars_with_user
def user_can_see_election(request, election):
user = get_user(request)
if not election.private_p:
return True
# election is private
# but maybe this user is the administrator?
if user_can_admin_election(user, election):
return True
# or maybe this is a trustee of the election?
trustee = get_logged_in_trustee(request)
if trustee and trustee.election.uuid == election.uuid:
return True
# then this user has to be a voter
return (get_voter(request, user, election) != None)
def require_admin(request):
user = get_user(request)
if not user or not user.admin_p:
raise PermissionDenied()
return user
