Пример #1
0
    def _review(self, id):
        """Review a proposal.
        """
        c.proposal = Proposal.find_by_id(id)
        c.signed_in_person = h.signed_in_person()
        c.next_review_id = Proposal.find_next_proposal(c.proposal.id, c.proposal.type.id, c.signed_in_person.id)

        # TODO: currently not enough (see TODOs in model/proposal.py)
        #if not h.auth.authorized(h.auth.has_organiser_role):
        #    # You can't review your own proposal
        #    for person in c.proposal.people:
        #        if person.id == c.signed_in_person.id:
        #            h.auth.no_role()

        person = c.signed_in_person
        if person in [ review.reviewer for review in c.proposal.reviews]:
            h.flash('Already reviewed')
            return redirect_to(action='review', id=c.next_review_id)

        results = self.form_result['review']
        review = Review(**results)

        meta.Session.add(review)
        c.proposal.reviews.append(review)

        review.reviewer = person

        meta.Session.commit()

        if c.next_review_id:
            return redirect_to(action='review', id=c.next_review_id)

        h.flash("No more papers to review")

        return redirect_to(action='review_index')
Пример #2
0
    def summary(self):
        for pt in c.proposal_types:
            stuff = Proposal.find_all_by_proposal_type_id(pt.id, include_withdrawn=False)
            stuff.sort(self._score_sort)
            setattr(c, '%s_collection' % pt.name, stuff)
        for aat in c.accommodation_assistance_types:
            stuff = Proposal.find_all_by_accommodation_assistance_type_id(aat.id)
            setattr(c, '%s_collection' % aat.name, stuff)
        for tat in c.travel_assistance_types:
            stuff = Proposal.find_all_by_travel_assistance_type_id(tat.id)
            setattr(c, '%s_collection' % tat.name, stuff)

        return render('proposal/summary.mako')
Пример #3
0
    def summary(self):
        for pt in c.proposal_types:
            stuff = Proposal.find_all_by_proposal_type_id(
                pt.id, include_withdrawn=False)
            stuff.sort(self._score_sort)
            setattr(c, '%s_collection' % pt.name, stuff)
        for aat in c.accommodation_assistance_types:
            stuff = Proposal.find_all_by_accommodation_assistance_type_id(
                aat.id)
            setattr(c, '%s_collection' % aat.name, stuff)
        for tat in c.travel_assistance_types:
            stuff = Proposal.find_all_by_travel_assistance_type_id(tat.id)
            setattr(c, '%s_collection' % tat.name, stuff)

        return render('proposal/summary.mako')
Пример #4
0
    def review(self, id):
        c.streams = Stream.select_values()
        c.proposal = Proposal.find_by_id(id)
        c.signed_in_person = h.signed_in_person()

        # TODO: currently not enough (see TODOs in model/proposal.py)
        #if not h.auth.authorized(h.auth.has_organiser_role):
        #    # You can't review your own proposal
        #    for person in c.proposal.people:
        #        if person.id == c.signed_in_person.id:
        #            h.auth.no_role()

        c.next_review_id = Proposal.find_next_proposal(c.proposal.id, c.proposal.type.id, c.signed_in_person.id)

        return render('/proposal/review.mako')
Пример #5
0
    def _edit(self, id):
        # We need to recheck auth in here so we can pass in the id
        if not h.auth.authorized(h.auth.Or(h.auth.is_same_zookeepr_submitter(id), h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        if not h.auth.authorized(h.auth.has_organiser_role):
            if c.paper_editing == 'closed' and not h.auth.authorized(h.auth.has_late_submitter_role):
                return render("proposal/editing_closed.mako")
            elif c.paper_editing == 'not_open':
                return render("proposal/editing_not_open.mako")

        c.proposal = Proposal.find_by_id(id)
        for key in self.form_result['proposal']:
            setattr(c.proposal, key, self.form_result['proposal'][key])

        c.proposal.abstract = self.clean_abstract(c.proposal.abstract)

        c.person = self.form_result['person_to_edit']
        if (c.person.id == h.signed_in_person().id or
                             h.auth.authorized(h.auth.has_organiser_role)):
            for key in self.form_result['person']:
                setattr(c.person, key, self.form_result['person'][key])
            p_edit = "and author"
        else:
            p_edit = "(but not author)"

        meta.Session.commit()

        if lca_info['proposal_update_email'] != '':
            body = "Subject: %s Proposal Updated\n\nID:    %d\nTitle: %s\nType:  %s\nURL:   %s" % (h.lca_info['event_name'], c.proposal.id, c.proposal.title, c.proposal.type.name.lower(), "http://" + h.host_name() + h.url_for(action="view"))
            email(lca_info['proposal_update_email'], body)

        h.flash("Proposal %s edited!"%p_edit)
        return redirect_to('/proposal')
Пример #6
0
    def withdraw(self, id):
        if not h.auth.authorized(h.auth.Or(h.auth.is_same_zookeepr_submitter(id), h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        c.proposal = Proposal.find_by_id(id)
        return render("/proposal/withdraw.mako")
Пример #7
0
    def _new(self):
        person_results = self.form_result['person']
        proposal_results = self.form_result['proposal']
        attachment_results = self.form_result['attachment']

        proposal_results['status'] = ProposalStatus.find_by_name('Pending')

        c.proposal = Proposal(**proposal_results)
        meta.Session.add(c.proposal)

        if not h.signed_in_person():
            c.person = model.Person(**person_results)
            meta.Session.add(c.person)
            email(c.person.email_address,
                  render('/person/new_person_email.mako'))
        else:
            c.person = h.signed_in_person()
            for key in person_results:
                setattr(c.person, key, self.form_result['person'][key])

        c.person.proposals.append(c.proposal)

        if attachment_results is not None:
            c.attachment = Attachment(**attachment_results)
            c.proposal.attachments.append(c.attachment)
            meta.Session.add(c.attachment)

        meta.Session.commit()
        email(c.person.email_address,
              render('proposal/thankyou_mini_email.mako'))

        h.flash("Proposal submitted!")
        return redirect_to(controller='proposal', action="index", id=None)
Пример #8
0
    def check(self, app, environ, start_response):

        if not environ.get('REMOTE_USER'):
            set_redirect()
            raise NotAuthenticatedError('Not Authenticated')

        person = Person.find_by_email(environ['REMOTE_USER'])
        if person is None:
            environ['auth_failure'] = 'NO_USER'
            raise NotAuthorizedError(
                'You are not one of the users allowed to access this resource.'
            )

        proposal = Proposal.find_by_id(self.proposal_id)
        if proposal is None:
            raise NotAuthorizedError(
                "Proposal doesn't exist"
            )

        if person not in proposal.people:
            set_role("User doesn't have any of the specified roles")
            raise NotAuthorizedError(
                "User doesn't have any of the specified roles"
            )

        return app(environ, start_response)
Пример #9
0
    def review(self, id):
        c.streams = Stream.select_values()
        c.proposal = Proposal.find_by_id(id)
        c.signed_in_person = h.signed_in_person()

        # TODO: currently not enough (see TODOs in model/proposal.py)
        #if not h.auth.authorized(h.auth.has_organiser_role):
        #    # You can't review your own proposal
        #    for person in c.proposal.people:
        #        if person.id == c.signed_in_person.id:
        #            h.auth.no_role()

        c.next_review_id = Proposal.find_next_proposal(c.proposal.id,
                                                       c.proposal.type.id,
                                                       c.signed_in_person.id)

        return render('/proposal/review.mako')
Пример #10
0
    def review_index(self):
        c.person = h.signed_in_person()
        c.num_proposals = 0
        reviewer_role = Role.find_by_name('reviewer')
        c.num_reviewers = len(reviewer_role.people)
        for pt in c.proposal_types:
            stuff = Proposal.find_all_by_proposal_type_id(pt.id, include_withdrawn=False)
            c.num_proposals += len(stuff)
            setattr(c, '%s_collection' % pt.name, stuff)
        for aat in c.accommodation_assistance_types:
            stuff = Proposal.find_all_by_accommodation_assistance_type_id(aat.id)
            setattr(c, '%s_collection' % aat.name, stuff)
        for tat in c.travel_assistance_types:
            stuff = Proposal.find_all_by_travel_assistance_type_id(tat.id)
            setattr(c, '%s_collection' % tat.name, stuff)

        return render('proposal/list_review.mako')
Пример #11
0
    def withdraw(self, id):
        if not h.auth.authorized(
                h.auth.Or(h.auth.is_same_zookeepr_submitter(id),
                          h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        c.proposal = Proposal.find_by_id(id)
        return render("/proposal/withdraw.mako")
Пример #12
0
    def view(self, id):
        # We need to recheck auth in here so we can pass in the id
        if not h.auth.authorized(h.auth.Or(h.auth.is_same_zookeepr_submitter(id), h.auth.has_organiser_role, h.auth.has_reviewer_role)):
            # Raise a no_auth error
            h.auth.no_role()

        c.proposal = Proposal.find_by_id(id)

        return render('proposal/view.mako')
Пример #13
0
    def review_index(self):
        c.person = h.signed_in_person()
        c.num_proposals = 0
        reviewer_role = Role.find_by_name('reviewer')
        c.num_reviewers = len(reviewer_role.people)
        for pt in c.proposal_types:
            stuff = Proposal.find_all_by_proposal_type_id(
                pt.id, include_withdrawn=False)
            c.num_proposals += len(stuff)
            setattr(c, '%s_collection' % pt.name, stuff)
        for aat in c.accommodation_assistance_types:
            stuff = Proposal.find_all_by_accommodation_assistance_type_id(
                aat.id)
            setattr(c, '%s_collection' % aat.name, stuff)
        for tat in c.travel_assistance_types:
            stuff = Proposal.find_all_by_travel_assistance_type_id(tat.id)
            setattr(c, '%s_collection' % tat.name, stuff)

        return render('proposal/list_review.mako')
Пример #14
0
    def view(self, id):
        # We need to recheck auth in here so we can pass in the id
        if not h.auth.authorized(
                h.auth.Or(h.auth.is_same_zookeepr_submitter(id),
                          h.auth.has_organiser_role,
                          h.auth.has_reviewer_role)):
            # Raise a no_auth error
            h.auth.no_role()

        c.proposal = Proposal.find_by_id(id)

        return render('proposal/view.mako')
Пример #15
0
    def _approve(self):
        c.highlight = set()
        talks = self.form_result['talk']
        statuses = self.form_result['status']
        for talk, status in zip(talks, statuses):
            if status is not None:
                c.highlight.add(talk.id)
                talk.status = status
        meta.Session.commit()

        c.proposals = Proposal.find_all()
        c.statuses = ProposalStatus.find_all()
        return render("proposal/approve.mako")
Пример #16
0
    def _approve(self):
        c.highlight = set()
        talks = self.form_result['talk']
        statuses = self.form_result['status']
        for talk, status in zip(talks, statuses):
            if status is not None:
                c.highlight.add(talk.id)
                talk.status = status
        meta.Session.commit()

        c.proposals = Proposal.find_all()
        c.statuses = ProposalStatus.find_all()
        return render("proposal/approve.mako")
Пример #17
0
    def _review(self, id):
        """Review a proposal.
        """
        c.proposal = Proposal.find_by_id(id)
        c.signed_in_person = h.signed_in_person()
        c.next_review_id = Proposal.find_next_proposal(c.proposal.id,
                                                       c.proposal.type.id,
                                                       c.signed_in_person.id)

        # TODO: currently not enough (see TODOs in model/proposal.py)
        #if not h.auth.authorized(h.auth.has_organiser_role):
        #    # You can't review your own proposal
        #    for person in c.proposal.people:
        #        if person.id == c.signed_in_person.id:
        #            h.auth.no_role()

        person = c.signed_in_person
        if person in [review.reviewer for review in c.proposal.reviews]:
            h.flash('Already reviewed')
            return redirect_to(action='review', id=c.next_review_id)

        results = self.form_result['review']
        review = Review(**results)

        meta.Session.add(review)
        c.proposal.reviews.append(review)

        review.reviewer = person

        meta.Session.commit()

        if c.next_review_id:
            return redirect_to(action='review', id=c.next_review_id)

        h.flash("No more papers to review")

        return redirect_to(action='review_index')
Пример #18
0
    def delete(self, id):
        c.attachment = Attachment.find_by_id(id)
        c.proposal = Proposal.find_by_id(c.attachment.proposal_id)

        if not h.auth.authorized(h.auth.has_organiser_role):
            authorized = False
            for person in c.proposal.people:
                if person.id == h.signed_in_person().id:
                    authorized = True
                    break
            if not authorized:
                # Raise a no_auth error
                h.auth.no_role()

        return render('/attachment/confirm_delete.mako')
Пример #19
0
    def delete(self, id):
        c.attachment = Attachment.find_by_id(id)
        c.proposal = Proposal.find_by_id(c.attachment.proposal_id)

        if not h.auth.authorized(h.auth.has_organiser_role):
            authorized = False
            for person in c.proposal.people:
                if person.id == h.signed_in_person().id:
                    authorized = True
                    break
            if not authorized:
                # Raise a no_auth error
                h.auth.no_role()

        return render("/attachment/confirm_delete.mako")
Пример #20
0
    def _withdraw(self, id):
        if not h.auth.authorized(h.auth.Or(h.auth.is_same_zookeepr_submitter(id), h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        c.proposal = Proposal.find_by_id(id)
        status = ProposalStatus.find_by_name('Withdrawn')
        c.proposal.status = status
        meta.Session.commit()

        c.person = h.signed_in_person()

        # Make sure the organisers are notified of this
        c.email_address = h.lca_info['emails'][c.proposal.type.name.lower()]
        email(c.email_address, render('/proposal/withdraw_email.mako'))

        h.flash("Proposal withdrawn. The organisers have been notified.")
        return redirect_to(controller='proposal', action="index", id=None)
Пример #21
0
    def _delete(self, id):
        c.attachment = Attachment.find_by_id(id)
        proposal = Proposal.find_by_id(c.attachment.proposal_id)

        if not h.auth.authorized(h.auth.has_organiser_role):
            authorized = False
            for person in proposal.people:
                if person.id == h.signed_in_person().id:
                    authorized = True
                    break
            if not authorized:
                # Raise a no_auth error
                h.auth.no_role()

        meta.Session.delete(c.attachment)
        meta.Session.commit()

        h.flash("Attachment Deleted")
        redirect_to(controller="proposal", action="view", id=proposal.id)
Пример #22
0
    def _delete(self, id):
        c.attachment = Attachment.find_by_id(id)
        proposal = Proposal.find_by_id(c.attachment.proposal_id)

        if not h.auth.authorized(h.auth.has_organiser_role):
            authorized = False
            for person in proposal.people:
                if person.id == h.signed_in_person().id:
                    authorized = True
                    break
            if not authorized:
                # Raise a no_auth error
                h.auth.no_role()

        meta.Session.delete(c.attachment)
        meta.Session.commit()

        h.flash("Attachment Deleted")
        redirect_to(controller='proposal', action='view', id=proposal.id)
Пример #23
0
    def edit(self, id):
        # We need to recheck auth in here so we can pass in the id
        if not h.auth.authorized(
                h.auth.Or(h.auth.is_same_zookeepr_submitter(id),
                          h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        if not h.auth.authorized(h.auth.has_organiser_role):
            if c.paper_editing == 'closed' and not h.auth.authorized(
                    h.auth.has_late_submitter_role):
                return render("proposal/editing_closed.mako")
            elif c.paper_editing == 'not_open':
                return render("proposal/editing_not_open.mako")

        c.proposal = Proposal.find_by_id(id)

        c.person = c.proposal.people[0]
        for person in c.proposal.people:
            if h.signed_in_person() == person:
                c.person = person

        defaults = h.object_to_defaults(c.proposal, 'proposal')
        defaults.update(h.object_to_defaults(c.person, 'person'))
        defaults['person.name'] = c.person.firstname + " " + c.person.lastname
        # This is horrible, don't know a better way to do it
        if c.proposal.type:
            defaults['proposal.type'] = defaults['proposal.proposal_type_id']
        if c.proposal.travel_assistance:
            defaults['proposal.travel_assistance'] = defaults[
                'proposal.travel_assistance_type_id']
        if c.proposal.accommodation_assistance:
            defaults['proposal.accommodation_assistance'] = defaults[
                'proposal.accommodation_assistance_type_id']
        if c.proposal.audience:
            defaults['proposal.audience'] = defaults[
                'proposal.target_audience_id']

        defaults['person_to_edit'] = c.person.id
        defaults['name'] = c.person.firstname + " " + c.person.lastname
        c.miniconf = (c.proposal.type.name == 'Miniconf')
        form = render('/proposal/edit.mako')
        return htmlfill.render(form, defaults)
Пример #24
0
    def _withdraw(self, id):
        if not h.auth.authorized(
                h.auth.Or(h.auth.is_same_zookeepr_submitter(id),
                          h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        c.proposal = Proposal.find_by_id(id)
        status = ProposalStatus.find_by_name('Withdrawn')
        c.proposal.status = status
        meta.Session.commit()

        c.person = h.signed_in_person()

        # Make sure the organisers are notified of this
        c.email_address = h.lca_info['emails'][c.proposal.type.name.lower()]
        email(c.email_address, render('/proposal/withdraw_email.mako'))

        h.flash("Proposal withdrawn. The organisers have been notified.")
        return redirect_to(controller='proposal', action="index", id=None)
Пример #25
0
    def _attach(self, id):
        """Attach a file to the proposal.
        """
        # We need to recheck auth in here so we can pass in the id
        if not h.auth.authorized(h.auth.Or(h.auth.is_same_zookeepr_submitter(id), h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        c.proposal = Proposal.find_by_id(id)

        attachment_results = self.form_result['attachment']
        attachment = Attachment(**attachment_results)

        c.proposal.attachments.append(attachment)

        meta.Session.commit()

        h.flash("File was attached")

        return redirect_to(action='view', id=id)
Пример #26
0
    def _edit(self, id):
        # We need to recheck auth in here so we can pass in the id
        if not h.auth.authorized(
                h.auth.Or(h.auth.is_same_zookeepr_submitter(id),
                          h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        if not h.auth.authorized(h.auth.has_organiser_role):
            if c.paper_editing == 'closed' and not h.auth.authorized(
                    h.auth.has_late_submitter_role):
                return render("proposal/editing_closed.mako")
            elif c.paper_editing == 'not_open':
                return render("proposal/editing_not_open.mako")

        c.proposal = Proposal.find_by_id(id)
        for key in self.form_result['proposal']:
            setattr(c.proposal, key, self.form_result['proposal'][key])

        c.proposal.abstract = self.clean_abstract(c.proposal.abstract)

        c.person = self.form_result['person_to_edit']
        if (c.person.id == h.signed_in_person().id
                or h.auth.authorized(h.auth.has_organiser_role)):
            for key in self.form_result['person']:
                setattr(c.person, key, self.form_result['person'][key])
            p_edit = "and author"
        else:
            p_edit = "(but not author)"

        meta.Session.commit()

        if lca_info['proposal_update_email'] != '':
            body = "Subject: %s Proposal Updated\n\nID:    %d\nTitle: %s\nType:  %s\nURL:   %s" % (
                h.lca_info['event_name'], c.proposal.id, c.proposal.title,
                c.proposal.type.name.lower(),
                "http://" + h.host_name() + h.url_for(action="view"))
            email(lca_info['proposal_update_email'], body)

        h.flash("Proposal %s edited!" % p_edit)
        return redirect_to('/proposal')
Пример #27
0
    def _new(self):
        if c.cfp_status == 'closed':
            if not h.auth.authorized(
                    h.auth.Or(h.auth.has_organiser_role,
                              h.auth.has_late_submitter_role)):
                return render("proposal/closed.mako")
        elif c.cfp_status == 'not_open':
            return render("proposal/not_open.mako")

        person_results = self.form_result['person']
        proposal_results = self.form_result['proposal']
        attachment_results = self.form_result['attachment']

        proposal_results['status'] = ProposalStatus.find_by_name('Pending')

        c.proposal = Proposal(**proposal_results)
        c.proposal.abstract = self.clean_abstract(c.proposal.abstract)
        meta.Session.add(c.proposal)

        if not h.signed_in_person():
            c.person = model.Person(**person_results)
            meta.Session.add(c.person)
            email(c.person.email_address,
                  render('/person/new_person_email.mako'))
        else:
            c.person = h.signed_in_person()
            for key in person_results:
                setattr(c.person, key, self.form_result['person'][key])

        c.person.proposals.append(c.proposal)

        if attachment_results is not None:
            attachment = Attachment(**attachment_results)
            c.proposal.attachments.append(attachment)
            meta.Session.add(attachment)

        meta.Session.commit()
        email(c.person.email_address, render('proposal/thankyou_email.mako'))

        h.flash("Proposal submitted!")
        return redirect_to(controller='proposal', action="index", id=None)
Пример #28
0
    def _attach(self, id):
        """Attach a file to the proposal.
        """
        # We need to recheck auth in here so we can pass in the id
        if not h.auth.authorized(
                h.auth.Or(h.auth.is_same_zookeepr_submitter(id),
                          h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        c.proposal = Proposal.find_by_id(id)

        attachment_results = self.form_result['attachment']
        attachment = Attachment(**attachment_results)

        c.proposal.attachments.append(attachment)

        meta.Session.commit()

        h.flash("File was attached")

        return redirect_to(action='view', id=id)
Пример #29
0
    def view(self, id):
        attachment = Attachment.find_by_id(id)
        proposal = Proposal.find_by_id(attachment.proposal_id)

        if not h.auth.authorized(h.auth.has_organiser_role):
            authorized = False
            for person in proposal.people:
                if h.auth.is_same_zookeepr_user(person.id):
                    authorized = True
                    break
            if not authorized:
                # Raise a no_auth error
                h.auth.no_role()

        response.headers["content-type"] = attachment.content_type.encode("ascii", "ignore")
        response.headers.add("content-transfer-encoding", "binary")
        response.headers.add("content-length", len(attachment.content))
        response.headers["content-disposition"] = 'attachment; filename="%s";' % attachment.filename.encode(
            "ascii", "ignore"
        )
        response.headers.add("Pragma", "cache")
        response.headers.add("Cache-Control", "max-age=3600,public")
        return attachment.content
Пример #30
0
    def edit(self, id):
        # We need to recheck auth in here so we can pass in the id
        if not h.auth.authorized(h.auth.Or(h.auth.is_same_zookeepr_submitter(id), h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        if not h.auth.authorized(h.auth.has_organiser_role):
            if c.paper_editing == 'closed' and not h.auth.authorized(h.auth.has_late_submitter_role):
                return render("proposal/editing_closed.mako")
            elif c.paper_editing == 'not_open':
                return render("proposal/editing_not_open.mako")

        c.proposal = Proposal.find_by_id(id)

        c.person = c.proposal.people[0]
        for person in c.proposal.people:
            if h.signed_in_person() == person:
                c.person = person

        defaults = h.object_to_defaults(c.proposal, 'proposal')
        defaults.update(h.object_to_defaults(c.person, 'person'))
        defaults['person.name'] = c.person.firstname + " " + c.person.lastname
        # This is horrible, don't know a better way to do it
        if c.proposal.type:
            defaults['proposal.type'] = defaults['proposal.proposal_type_id']
        if c.proposal.travel_assistance:
            defaults['proposal.travel_assistance'] = defaults['proposal.travel_assistance_type_id']
        if c.proposal.accommodation_assistance:
            defaults['proposal.accommodation_assistance'] = defaults['proposal.accommodation_assistance_type_id']
        if c.proposal.audience:
            defaults['proposal.audience'] = defaults['proposal.target_audience_id']

        defaults['person_to_edit'] = c.person.id
        defaults['name'] = c.person.firstname + " " + c.person.lastname
        c.miniconf = (c.proposal.type.name == 'Miniconf')
        form = render('/proposal/edit.mako')
        return htmlfill.render(form, defaults)
Пример #31
0
    def view(self, id):
        attachment = Attachment.find_by_id(id)
        proposal = Proposal.find_by_id(attachment.proposal_id)

        if not h.auth.authorized(h.auth.has_organiser_role):
            authorized = False
            for person in proposal.people:
                if h.auth.is_same_zookeepr_user(person.id):
                    authorized = True
                    break
            if not authorized:
                # Raise a no_auth error
                h.auth.no_role()

        response.headers['content-type'] = attachment.content_type.encode(
            'ascii', 'ignore')
        response.headers.add('content-transfer-encoding', 'binary')
        response.headers.add('content-length', len(attachment.content))
        response.headers[
            'content-disposition'] = 'attachment; filename="%s";' % attachment.filename.encode(
                'ascii', 'ignore')
        response.headers.add('Pragma', 'cache')
        response.headers.add('Cache-Control', 'max-age=3600,public')
        return attachment.content
Пример #32
0
 def _to_python(self, value, state):
     return Proposal.find_by_id(int(value))
Пример #33
0
 def approve(self):
     c.highlight = set()
     c.proposals = Proposal.find_all()
     c.statuses = ProposalStatus.find_all()
     return render("proposal/approve.mako")
Пример #34
0
 def _to_python(self, value, state):
     return Proposal.find_by_id(int(value))
Пример #35
0
 def approve(self):
     c.highlight = set()
     c.proposals = Proposal.find_all()
     c.statuses = ProposalStatus.find_all()
     return render("proposal/approve.mako")