def can_create_election(request): user = get_user(request) if not user: return False if helios.ADMIN_ONLY: return user.admin_p else: return user.can_create_election()
def election_admin_wrapper(request, election_uuid=None, *args, **kw): election = get_election_by_uuid(election_uuid) user = get_user(request) if not user_can_admin_election(user, election): raise PermissionDenied() # do checks do_election_checks(election, checks) return func(request, election, *args, **kw)
def render_template(request, template_name, values=None): vars_with_user = values.copy() if values is not None else {} vars_with_user["user"] = get_user(request) vars_with_user["settings"] = settings vars_with_user["CURRENT_URL"] = request.path # csrf protection if "csrf_token" in request.session: vars_with_user["csrf_token"] = request.session["csrf_token"] return render(request, "server_ui/templates/%s.html" % template_name, vars_with_user)
def prepare_vars(request, values): vars_with_user = values.copy() if values is not None else {} vars_with_user["user"] = get_user(request) # csrf protection if "csrf_token" in request.session: vars_with_user["csrf_token"] = request.session["csrf_token"] vars_with_user["utils"] = utils vars_with_user["settings"] = settings vars_with_user["HELIOS_STATIC"] = "/static/helios/helios" vars_with_user["TEMPLATE_BASE"] = TEMPLATE_BASE vars_with_user["CURRENT_URL"] = request.path vars_with_user["SECURE_URL_HOST"] = settings.SECURE_URL_HOST return vars_with_user
def user_can_see_election(request, election): user = get_user(request) if not election.private_p: return True # election is private # but maybe this user is the administrator? if user_can_admin_election(user, election): return True # or maybe this is a trustee of the election? trustee = get_logged_in_trustee(request) if trustee and trustee.election.uuid == election.uuid: return True # then this user has to be a voter return get_voter(request, user, election) is not None
def home(request): # load the featured elections featured_elections = Election.get_featured() user = get_user(request) create_p = can_create_election(request) if create_p: elections_administered = Election.get_by_user_as_admin( user, archived_p=False, limit=5) else: elections_administered = None if user: elections_voted = Election.get_by_user_as_voter(user, limit=5) else: elections_voted = None auth_systems = copy.copy(settings.AUTH_ENABLED_SYSTEMS) try: auth_systems.remove("password") except: pass login_box = auth_views.login_box_raw(request, return_url="/", auth_systems=auth_systems) return render_template( request, "index", { "elections": featured_elections, "elections_administered": elections_administered, "elections_voted": elections_voted, "create_p": create_p, "login_box": login_box, }, )