def favourites(request): items = request.user.profile.favourites.select_subclasses() context = { 'help': request.GET.get("help", False), 'favourite': request.GET.get("favourite", False) } return paginated_list(request, items, "aristotle_mdr/user/userFavourites.html", context)
def my_review_list(request): # Users can see any items they have been asked to review q = Q(requester=request.user) reviews = MDR.ReviewRequest.objects.visible(request.user).filter(q) return paginated_list(request, reviews, "aristotle_mdr/user/my_review_list.html", {'reviews': reviews})
def items(request, iid): wg = get_object_or_404(MDR.Workgroup, pk=iid) if not user_in_workgroup(request.user, wg): raise PermissionDenied items = MDR._concept.objects.filter(workgroup=iid).select_subclasses() context = {"item": wg, "workgroup": wg, "user_is_admin": user_is_workgroup_manager(request.user, wg)} return paginated_list(request, items, "aristotle_mdr/workgroupItems.html", context)
def favourites(request): items = request.user.profile.favourites.select_subclasses() context = { 'help': request.GET.get("help", False), 'favourite': request.GET.get("favourite", False), "select_all_list_queryset_filter": 'favourited_by__user=user' # no information leakage here. } return paginated_list(request, items, "aristotle_mdr/user/userFavourites.html", context)
def my_review_list(request): # Users can see any items they have been asked to review q = Q(requester=request.user) reviews = models.ReviewRequest.objects.visible( request.user).filter(q).filter(registration_authority__active=0) return paginated_list(request, reviews, "aristotle_mdr/reviews/my_review_list.html", {'reviews': reviews})
def review_list(request): if not request.user.profile.is_registrar: raise PermissionDenied items = MDR._concept.objects.visible(request.user).filter( readyToReview=True, statuses=None).select_subclasses() return paginated_list(request, items, "aristotle_mdr/user/userReadyForReview.html", {'items': items})
def review_list(request): if not request.user.profile.is_registrar: raise PermissionDenied authorities = [i[0] for i in request.user.profile.registrarAuthorities.all().values_list('id')] # Registars can see items they have been asked to review q = Q(Q(registration_authority__id__in=authorities) & ~Q(status=MDR.REVIEW_STATES.cancelled)) reviews = MDR.ReviewRequest.objects.visible(request.user).filter(q) return paginated_list(request, reviews, "aristotle_mdr/user/userReviewList.html", {'reviews': reviews})
def review_list(request): if not request.user.profile.is_registrar: raise PermissionDenied authorities = [i[0] for i in request.user.profile.registrarAuthorities.filter(active=0).values_list('id')] # Registrars can see items they have been asked to review q = Q(Q(registration_authority__id__in=authorities) & ~Q(status=models.REVIEW_STATES.revoked)) reviews = models.ReviewRequest.objects.visible(request.user).filter(q) return paginated_list(request, reviews, "aristotle_mdr/reviews/reviewers_review_list.html", {'reviews': reviews})
def view_folder(request,folder_slug): # a user can only ever see their own items folder = get_object_or_404(Folder,slug=folder_slug,owner=request.user) context = {'folder':folder} return paginated_list( request, folder.items, "aristotle_favourites/dashboard/view_folder.html", context )
def items(request, iid): wg = get_object_or_404(MDR.Workgroup, pk=iid) if not user_in_workgroup(request.user, wg): raise PermissionDenied items = MDR._concept.objects.filter(workgroup=iid).select_subclasses() context = { "item": wg, "workgroup": wg, "user_is_admin": user_is_workgroup_manager(request.user, wg) } return paginated_list(request, items, "aristotle_mdr/workgroupItems.html", context)
def review_list(request): if not request.user.profile.is_registrar: raise PermissionDenied if not request.user.is_superuser: ras = request.user.profile.registrarAuthorities wgs = MDR.Workgroup.objects.filter(registrationAuthorities__in=ras) items = MDR._concept.objects.filter(workgroup__in=wgs) else: items = MDR._concept.objects.all() items = items.filter(readyToReview=True,statuses=None) context={} return paginated_list(request,items,"aristotle_mdr/user/userReadyForReview.html",context)
def review_list(request): if not request.user.profile.is_registrar: raise PermissionDenied items = MDR._concept.objects.visible(request.user).filter(readyToReview=True,statuses=None).select_subclasses() return paginated_list(request,items,"aristotle_mdr/user/userReadyForReview.html",{'items':items})
def my_review_list(request): # Users can see any items they have been asked to review q = Q(requester=request.user) reviews = models.ReviewRequest.objects.visible(request.user).filter(q).filter(registration_authority__active=0) return paginated_list(request, reviews, "aristotle_mdr/reviews/my_review_list.html", {'reviews': reviews})