def void(self, id): if not h.auth.authorized( h.auth.Or(h.auth.is_same_zkpylons_attendee(id), h.auth.has_organiser_role)): # Raise a no_auth error h.auth.no_role() c.invoice = Invoice.find_by_id(id, True) if c.invoice.is_void: h.flash("Invoice was already voided.") return redirect_to(action='view', id=c.invoice.id) elif len(c.invoice.payment_received) and h.auth.authorized( h.auth.has_organiser_role): h.flash("Invoice has a payment applied to it, do you want to " + h.link_to('Refund', h.url_for(action='refund')) + " instead?") return redirect_to(action='view', id=c.invoice.id) elif len(c.invoice.payment_received): h.flash("Cannot void a paid invoice.") return redirect_to(action='view', id=c.invoice.id) elif h.auth.authorized(h.auth.has_organiser_role): c.invoice.void = "Administration Change" meta.Session.commit() h.flash("Invoice was voided.") return redirect_to(action='view', id=c.invoice.id) else: c.invoice.void = "User cancellation" c.person = c.invoice.person meta.Session.commit() email(lca_info['contact_email'], render('/invoice/user_voided.mako')) h.flash("Previous invoice was voided.") return redirect_to(controller='registration', action='pay', id=c.person.registration.id)
def index(self): """The home page of the website. If the user has not signed in, then they are presented with the default page. Otherwise, they're shown the customised page. We rely on `c.signed_in_person` containing the Person object for the currently signed in user, but we don't want to redirect to the signin action if we're not signed in so we duplicate the __before__ code from SecureController here. """ if 'signed_in_person_id' in session: c.signed_in_person = self.dbsession.query(Person).filter_by(id=session['signed_in_person_id']).one() c.db_content = DbContent.find_by_url('/home', abort_404=False) c.tiered_sponsors = Sponsor.find_all_tiered() c.venue_photos = Photo.find_all_by_gallery("Venue") venue_text_url = '/venue' c.venue_text = DbContent.find_by_url( venue_text_url, abort_404=False).body if not c.venue_text: c.venue_text = 'To put content here create a page with a URL of ' '<u>{venue_text_url}</u> in the <a href="{page_database_url}">page ' 'database</a>.'.format( venue_text_url = venue_text_url, page_database_url = h.url_for( controller='db_content', action='new')) return render('/home.mako')
def void(self, id): if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_attendee(id), h.auth.has_organiser_role)): # Raise a no_auth error h.auth.no_role() c.invoice = Invoice.find_by_id(id, True) if c.invoice.is_void: h.flash("Invoice was already voided.") return redirect_to(action="view", id=c.invoice.id) elif len(c.invoice.payment_received) and h.auth.authorized(h.auth.has_organiser_role): h.flash( "Invoice has a payment applied to it, do you want to " + h.link_to("Refund", h.url_for(action="refund")) + " instead?" ) return redirect_to(action="view", id=c.invoice.id) elif len(c.invoice.payment_received): h.flash("Cannot void a paid invoice.") return redirect_to(action="view", id=c.invoice.id) elif h.auth.authorized(h.auth.has_organiser_role): c.invoice.void = "Administration Change" meta.Session.commit() h.flash("Invoice was voided.") return redirect_to(action="view", id=c.invoice.id) else: c.invoice.void = "User cancellation" c.person = c.invoice.person meta.Session.commit() email(lca_info["contact_email"], render("/invoice/user_voided.mako")) h.flash("Previous invoice was voided.") return redirect_to(controller="registration", action="pay", id=c.person.registration.id)
def validate_python(self, values, state): assertion = values['assertion'] audience = h.url_for(qualified=True, controller='home').strip("/") page = urllib2.urlopen('https://verifier.login.persona.org/verify', urllib.urlencode({ "assertion": assertion, "audience": audience})) data = json.load(page) if data['status'] == 'okay': c.email = data['email'] c.person = Person.find_by_email(c.email) if c.person is None: if not Config.get('account_creation'): error_message = "Your sign-in details are incorrect; try the 'Forgotten your password' link below." message = "Login failed" error_dict = {'email_address': error_message} raise Invalid(message, values, state, error_dict=error_dict) # Create a new account for this email address c.person = Person() c.person.email_address = data['email'] c.person.activated = True meta.Session.add(c.person) meta.Session.commit() if not c.person.activated: # Persona returns verified emails only, so might as well confirm this one... c.person.activated = True meta.Session.commit()
def json(self): schedules = Schedule.find_all() output = [] for schedule in schedules: if not schedule.time_slot.heading: row = {} speakers = schedule.event.computed_speakers() speaker_emails = schedule.event.computed_speaker_emails() row['Id'] = schedule.id row['Event'] = schedule.event_id row['Title'] = schedule.event.computed_title() row['Room Name'] = schedule.location.display_name row['Start'] = str(schedule.time_slot.start_time) row['Duration'] = str(schedule.time_slot.end_time - schedule.time_slot.start_time) if speakers: row['Presenters'] = ','.join(speakers) if speaker_emails: row['Presenter_emails'] = ','.join(speaker_emails) row['Description'] = schedule.event.computed_abstract() if schedule.event.proposal: row['URL'] = h.url_for(qualified=True, controller='schedule', action='view_talk', id=schedule.event.proposal_id) output.append(row) response.charset = 'utf8' response.headers['content-type'] = 'application/json; charset=utf8' response.headers.add('content-transfer-encoding', 'binary') response.headers.add('Pragma', 'cache') response.headers.add('Cache-Control', 'max-age=3600,public') return json.write(output)
def edit(self, id): c.review = Review.find_by_id(id) redirect_to( h.url_for(controller='proposal', id=c.review.proposal.id, action='review'))
def json(self): schedules = Schedule.find_all() output = [] for schedule in schedules: if not schedule.time_slot.heading: row = {} speakers = schedule.event.computed_speakers() speaker_emails = schedule.event.computed_speaker_emails() video_release = schedule.event.video_release() row['Id'] = schedule.id row['Event'] = schedule.event_id row['Title'] = schedule.event.computed_title() row['Room Name'] = schedule.location.display_name row['Start'] = str(schedule.time_slot.start_time) row['Duration'] = str(schedule.time_slot.end_time - schedule.time_slot.start_time) if speakers: row['Presenters'] = ','.join(speakers) if speaker_emails: row['Presenter_emails'] = ','.join(speaker_emails) row['Description'] = schedule.event.computed_abstract() if schedule.event.proposal: row['URL'] = h.url_for(qualified=True, controller='schedule', action='view_talk', id=schedule.event.proposal_id) row['video_release'] = video_release output.append(row) response.headers.add('Pragma', 'cache') response.headers.add('Cache-Control', 'max-age=3600,public') return output
def ical(self): c.schedule_collection = Schedule.find_all() ical = vobject.iCalendar() for schedule in c.schedule_collection: if not schedule.time_slot.heading: event = ical.add('vevent') event.add('uid').value = str(schedule.id) + '@' + Config.get('event_host') # Created tz = timezone(Config.get('time_zone')) event.add('created').value = schedule.creation_timestamp.replace(tzinfo=tz) # Last Modified event.add('dtstamp').value = schedule.last_modification_timestamp.replace(tzinfo=tz) event.add('last-modified').value = schedule.last_modification_timestamp.replace(tzinfo=tz) # Start and End Time event.add('dtstart').value = schedule.time_slot.start_time.replace(tzinfo=tz) event.add('dtend').value = schedule.time_slot.end_time.replace(tzinfo=tz) # Title and Author (need to add Author here) event.add('summary').value = schedule.event.computed_title() + '. ' + h.list_to_string(schedule.event.computed_speakers()) # Abstract, if we have one event.add('description').value = schedule.event.computed_abstract() # Add a URL if schedule.event.proposal: event.add('url').value = h.url_for(qualified=True, controller='schedule', action='view_talk', id=schedule.event.proposal.id) elif not (schedule.event.url is None or schedule.event.url == ''): if schedule.event.url.startswith('https://') or schedule.event.url.startswith('http://'): event.add('url').value = h.url_for(str(schedule.event.url)) else: event.add('url').value = h.url_for(str(schedule.event.url), qualified=True) concurrent_schedules = schedule.event.schedule_by_time_slot(schedule.time_slot) for concurrent_schedule in concurrent_schedules: if concurrent_schedule != schedule: if concurrent_schedule in c.schedule_collection: c.schedule_collection.remove(concurrent_schedule) locations = [concurrent_schedule.location.display_name for concurrent_schedule in concurrent_schedules] event.add('location').value = h.list_to_string(locations) response.charset = 'utf8' response.headers['content-type'] = 'text/calendar; charset=utf8' response.headers.add('content-transfer-encoding', 'binary') response.headers.add('Pragma', 'cache') response.headers.add('Cache-Control', 'max-age=3600,public') return ical.serialize()
def edit(self, id=None): # # Helpfully redirect to the correct URL. # if id is None: return redirect_to(h.url_for(id=h.signed_in_person().id)) # # Only an organiser can edit someone elses photos. # if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_user(id), h.auth.has_organiser_role)): h.auth.no_role() person_id = int(id, 10) c.open_date = lca_info.lca_info['date'] c.days_open = (datetime.date.today() - c.open_date.date()).days photo_db = PhotoCompEntry.read_db() c.photo = lambda day, entry: PhotoCompEntry.get(photo_db, person_id, day, entry) c.is_organiser = h.auth.authorized(h.auth.has_organiser_role) c.DAYS_OPEN = DAYS_OPEN c.ENTRY_NAMES = ENTRY_NAMES return render('/photocomp/edit.mako')
def _edit(self, id): # We need to recheck auth in here so we can pass in the id if not h.auth.authorized( h.auth.Or(h.auth.is_same_zkpylons_submitter(id), h.auth.has_organiser_role)): # Raise a no_auth error h.auth.no_role() if not h.auth.authorized(h.auth.has_organiser_role): if c.proposal_editing == 'closed' and not h.auth.authorized( h.auth.has_late_submitter_role): return render("proposal/editing_closed.mako") elif c.proposal_editing == 'not_open': return render("proposal/editing_not_open.mako") c.proposal = Proposal.find_by_id(id) for key in self.form_result['proposal']: setattr(c.proposal, key, self.form_result['proposal'][key]) c.proposal.abstract = self.clean_abstract(c.proposal.abstract) c.person = self.form_result['person_to_edit'] if (c.person.id == h.signed_in_person().id or h.auth.authorized(h.auth.has_organiser_role)): for key in self.form_result['person']: setattr(c.person, key, self.form_result['person'][key]) p_edit = "and author" else: p_edit = "(but not author)" meta.Session.commit() if lca_info['proposal_update_email'] != '': body = "Subject: %s Proposal Updated\n\nID: %d\nTitle: %s\nType: %s\nURL: %s" % ( h.lca_info['event_name'], c.proposal.id, c.proposal.title, c.proposal.type.name.lower(), "http://" + h.host_name() + h.url_for(action="view")) email(lca_info['proposal_update_email'], body) h.flash("Proposal %s edited!" % p_edit) return redirect_to('/proposal')
def generate_hash(self, id): if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_attendee(id), h.auth.has_organiser_role, h.auth.has_unique_key())): # Raise a no_auth error h.auth.no_role() url = h.url_for(action='view', id=id) c.hash = URLHash.find_by_url(url=url) if c.hash is None: c.hash = URLHash() c.hash.url = url meta.Session.add(c.hash) meta.Session.commit() # create an entry for the payment page (not needed) # TODO: depending on how the gateway works, you may need to make sure you have permissions for the page you get redirected to #c.hash = URLHash() #c.hash.url = h.url_for(action='pay') #meta.Session.add(c.hash) #meta.Session.commit() return render('/invoice/generate_url.mako')
def _edit(self, id): # We need to recheck auth in here so we can pass in the id if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_submitter(id), h.auth.has_organiser_role)): # Raise a no_auth error h.auth.no_role() if not h.auth.authorized(h.auth.has_organiser_role): if c.proposal_editing == "closed" and not h.auth.authorized(h.auth.has_late_submitter_role): return render("proposal/editing_closed.mako") elif c.proposal_editing == "not_open": return render("proposal/editing_not_open.mako") c.proposal = Proposal.find_by_id(id) for key in self.form_result["proposal"]: setattr(c.proposal, key, self.form_result["proposal"][key]) c.proposal.abstract = self.clean_abstract(c.proposal.abstract) c.person = self.form_result["person_to_edit"] if c.person.id == h.signed_in_person().id or h.auth.authorized(h.auth.has_organiser_role): for key in self.form_result["person"]: setattr(c.person, key, self.form_result["person"][key]) p_edit = "and author" else: p_edit = "(but not author)" meta.Session.commit() if lca_info["proposal_update_email"] != "": body = "Subject: %s Proposal Updated\n\nID: %d\nTitle: %s\nType: %s\nURL: %s" % ( h.lca_info["event_name"], c.proposal.id, c.proposal.title, c.proposal.type.name.lower(), "http://" + h.host_name() + h.url_for(action="view"), ) email(lca_info["proposal_update_email"], body) h.flash("Proposal %s edited!" % p_edit) return redirect_to("/proposal")
def edit(self, id): c.review = Review.find_by_id(id) redirect_to(h.url_for(controller='proposal', id=c.review.proposal.id, action='review'))
def page(self): url = h.url_for().strip("/") c.db_content = DbContent.find_by_url(url, abort_404=False) if c.db_content is not None: return self.view(c.db_content.id) return NotFoundController().view()