def favourites(request):
items = request.user.profile.favourites.select_subclasses()
context = {
'help': request.GET.get("help", False),
'favourite': request.GET.get("favourite", False)
}
return paginated_list(request, items, "aristotle_mdr/user/userFavourites.html", context)
def my_review_list(request):
# Users can see any items they have been asked to review
q = Q(requester=request.user)
reviews = MDR.ReviewRequest.objects.visible(request.user).filter(q)
return paginated_list(request, reviews,
"aristotle_mdr/user/my_review_list.html",
{'reviews': reviews})
def items(request, iid):
wg = get_object_or_404(MDR.Workgroup, pk=iid)
if not user_in_workgroup(request.user, wg):
raise PermissionDenied
items = MDR._concept.objects.filter(workgroup=iid).select_subclasses()
context = {"item": wg, "workgroup": wg, "user_is_admin": user_is_workgroup_manager(request.user, wg)}
return paginated_list(request, items, "aristotle_mdr/workgroupItems.html", context)
def favourites(request):
items = request.user.profile.favourites.select_subclasses()
context = {
'help': request.GET.get("help", False),
'favourite': request.GET.get("favourite", False),
"select_all_list_queryset_filter": 'favourited_by__user=user' # no information leakage here.
}
return paginated_list(request, items, "aristotle_mdr/user/userFavourites.html", context)
def my_review_list(request):
# Users can see any items they have been asked to review
q = Q(requester=request.user)
reviews = models.ReviewRequest.objects.visible(
request.user).filter(q).filter(registration_authority__active=0)
return paginated_list(request, reviews,
"aristotle_mdr/reviews/my_review_list.html",
{'reviews': reviews})
def review_list(request):
if not request.user.profile.is_registrar:
raise PermissionDenied
items = MDR._concept.objects.visible(request.user).filter(
readyToReview=True, statuses=None).select_subclasses()
return paginated_list(request, items,
"aristotle_mdr/user/userReadyForReview.html",
{'items': items})
def favourites(request):
items = request.user.profile.favourites.select_subclasses()
context = {
'help': request.GET.get("help", False),
'favourite': request.GET.get("favourite", False),
"select_all_list_queryset_filter": 'favourited_by__user=user' # no information leakage here.
}
return paginated_list(request, items, "aristotle_mdr/user/userFavourites.html", context)
def review_list(request):
if not request.user.profile.is_registrar:
raise PermissionDenied
authorities = [i[0] for i in request.user.profile.registrarAuthorities.all().values_list('id')]
# Registars can see items they have been asked to review
q = Q(Q(registration_authority__id__in=authorities) & ~Q(status=MDR.REVIEW_STATES.cancelled))
reviews = MDR.ReviewRequest.objects.visible(request.user).filter(q)
return paginated_list(request, reviews, "aristotle_mdr/user/userReviewList.html", {'reviews': reviews})
def review_list(request):
if not request.user.profile.is_registrar:
raise PermissionDenied
authorities = [i[0] for i in request.user.profile.registrarAuthorities.filter(active=0).values_list('id')]
# Registrars can see items they have been asked to review
q = Q(Q(registration_authority__id__in=authorities) & ~Q(status=models.REVIEW_STATES.revoked))
reviews = models.ReviewRequest.objects.visible(request.user).filter(q)
return paginated_list(request, reviews, "aristotle_mdr/reviews/reviewers_review_list.html", {'reviews': reviews})
def view_folder(request,folder_slug):
# a user can only ever see their own items
folder = get_object_or_404(Folder,slug=folder_slug,owner=request.user)
context = {'folder':folder}
return paginated_list(
request,
folder.items,
"aristotle_favourites/dashboard/view_folder.html",
context
)
def items(request, iid):
wg = get_object_or_404(MDR.Workgroup, pk=iid)
if not user_in_workgroup(request.user, wg):
raise PermissionDenied
items = MDR._concept.objects.filter(workgroup=iid).select_subclasses()
context = {
"item": wg,
"workgroup": wg,
"user_is_admin": user_is_workgroup_manager(request.user, wg)
}
return paginated_list(request, items, "aristotle_mdr/workgroupItems.html",
context)
def review_list(request):
if not request.user.profile.is_registrar:
raise PermissionDenied
if not request.user.is_superuser:
ras = request.user.profile.registrarAuthorities
wgs = MDR.Workgroup.objects.filter(registrationAuthorities__in=ras)
items = MDR._concept.objects.filter(workgroup__in=wgs)
else:
items = MDR._concept.objects.all()
items = items.filter(readyToReview=True,statuses=None)
context={}
return paginated_list(request,items,"aristotle_mdr/user/userReadyForReview.html",context)
def my_review_list(request):
# Users can see any items they have been asked to review
q = Q(requester=request.user)
reviews = MDR.ReviewRequest.objects.visible(request.user).filter(q)
return paginated_list(request, reviews, "aristotle_mdr/user/my_review_list.html", {'reviews': reviews})
def review_list(request):
if not request.user.profile.is_registrar:
raise PermissionDenied
items = MDR._concept.objects.visible(request.user).filter(readyToReview=True,statuses=None).select_subclasses()
return paginated_list(request,items,"aristotle_mdr/user/userReadyForReview.html",{'items':items})
def my_review_list(request):
# Users can see any items they have been asked to review
q = Q(requester=request.user)
reviews = models.ReviewRequest.objects.visible(request.user).filter(q).filter(registration_authority__active=0)
return paginated_list(request, reviews, "aristotle_mdr/reviews/my_review_list.html", {'reviews': reviews})
