示例#1
0
    def void(self, id):
        if not h.auth.authorized(
                h.auth.Or(h.auth.is_same_zkpylons_attendee(id),
                          h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        c.invoice = Invoice.find_by_id(id, True)
        if c.invoice.is_void:
            h.flash("Invoice was already voided.")
            return redirect_to(action='view', id=c.invoice.id)
        elif len(c.invoice.payment_received) and h.auth.authorized(
                h.auth.has_organiser_role):
            h.flash("Invoice has a payment applied to it, do you want to " +
                    h.link_to('Refund', h.url_for(action='refund')) +
                    " instead?")
            return redirect_to(action='view', id=c.invoice.id)
        elif len(c.invoice.payment_received):
            h.flash("Cannot void a paid invoice.")
            return redirect_to(action='view', id=c.invoice.id)
        elif h.auth.authorized(h.auth.has_organiser_role):
            c.invoice.void = "Administration Change"
            meta.Session.commit()
            h.flash("Invoice was voided.")
            return redirect_to(action='view', id=c.invoice.id)
        else:
            c.invoice.void = "User cancellation"
            c.person = c.invoice.person
            meta.Session.commit()
            email(lca_info['contact_email'],
                  render('/invoice/user_voided.mako'))
            h.flash("Previous invoice was voided.")
            return redirect_to(controller='registration',
                               action='pay',
                               id=c.person.registration.id)
示例#2
0
    def index(self):
        """The home page of the website.

        If the user has not signed in, then they are presented with the
        default page.

        Otherwise, they're shown the customised page.

        We rely on `c.signed_in_person` containing the Person object for
        the currently signed in user, but we don't want to redirect to
        the signin action if we're not signed in so we duplicate the
        __before__ code from SecureController here.
        """

        if 'signed_in_person_id' in session:
            c.signed_in_person = self.dbsession.query(Person).filter_by(id=session['signed_in_person_id']).one()
        c.db_content = DbContent.find_by_url('/home', abort_404=False)

        c.tiered_sponsors = Sponsor.find_all_tiered()

        c.venue_photos = Photo.find_all_by_gallery("Venue")

        venue_text_url = '/venue'
        c.venue_text = DbContent.find_by_url(
            venue_text_url, abort_404=False).body
        if not c.venue_text:
            c.venue_text = 'To put content here create a page with a URL of '
            '<u>{venue_text_url}</u> in the <a href="{page_database_url}">page '
            'database</a>.'.format(
                venue_text_url = venue_text_url,
                page_database_url = h.url_for(
                    controller='db_content', action='new'))

        return render('/home.mako')
示例#3
0
    def void(self, id):
        if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_attendee(id), h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        c.invoice = Invoice.find_by_id(id, True)
        if c.invoice.is_void:
            h.flash("Invoice was already voided.")
            return redirect_to(action="view", id=c.invoice.id)
        elif len(c.invoice.payment_received) and h.auth.authorized(h.auth.has_organiser_role):
            h.flash(
                "Invoice has a payment applied to it, do you want to "
                + h.link_to("Refund", h.url_for(action="refund"))
                + " instead?"
            )
            return redirect_to(action="view", id=c.invoice.id)
        elif len(c.invoice.payment_received):
            h.flash("Cannot void a paid invoice.")
            return redirect_to(action="view", id=c.invoice.id)
        elif h.auth.authorized(h.auth.has_organiser_role):
            c.invoice.void = "Administration Change"
            meta.Session.commit()
            h.flash("Invoice was voided.")
            return redirect_to(action="view", id=c.invoice.id)
        else:
            c.invoice.void = "User cancellation"
            c.person = c.invoice.person
            meta.Session.commit()
            email(lca_info["contact_email"], render("/invoice/user_voided.mako"))
            h.flash("Previous invoice was voided.")
            return redirect_to(controller="registration", action="pay", id=c.person.registration.id)
示例#4
0
文件: person.py 项目: iseppi/zookeepr
    def validate_python(self, values, state):
        assertion = values['assertion']
        audience = h.url_for(qualified=True, controller='home').strip("/")

        page = urllib2.urlopen('https://verifier.login.persona.org/verify',
                               urllib.urlencode({ "assertion": assertion,
                                                  "audience": audience}))
        data = json.load(page)
        if data['status'] == 'okay':
            c.email = data['email']
            c.person = Person.find_by_email(c.email)

        if c.person is None:
            if not Config.get('account_creation'):
                error_message = "Your sign-in details are incorrect; try the 'Forgotten your password' link below."
                message = "Login failed"
                error_dict = {'email_address': error_message}
                raise Invalid(message, values, state, error_dict=error_dict)

            # Create a new account for this email address
            c.person = Person()
            c.person.email_address = data['email']
            c.person.activated = True
            meta.Session.add(c.person)
            meta.Session.commit()

        if not c.person.activated:
            # Persona returns verified emails only, so might as well confirm this one...
            c.person.activated = True
            meta.Session.commit()
示例#5
0
    def json(self):
        schedules = Schedule.find_all()
        output = []

        for schedule in schedules:
            if not schedule.time_slot.heading:
                row = {}
                speakers = schedule.event.computed_speakers()
                speaker_emails = schedule.event.computed_speaker_emails()
                row['Id'] = schedule.id
                row['Event'] = schedule.event_id
                row['Title'] = schedule.event.computed_title()
                row['Room Name'] = schedule.location.display_name
                row['Start'] = str(schedule.time_slot.start_time)
                row['Duration'] = str(schedule.time_slot.end_time - schedule.time_slot.start_time)
                if speakers:
                    row['Presenters'] = ','.join(speakers)
                if speaker_emails:
                    row['Presenter_emails'] = ','.join(speaker_emails)
                row['Description'] = schedule.event.computed_abstract()
                if schedule.event.proposal:
                    row['URL'] = h.url_for(qualified=True, controller='schedule', action='view_talk', id=schedule.event.proposal_id)
                output.append(row)

        response.charset = 'utf8'
        response.headers['content-type'] = 'application/json; charset=utf8'
        response.headers.add('content-transfer-encoding', 'binary')
        response.headers.add('Pragma', 'cache')
        response.headers.add('Cache-Control', 'max-age=3600,public')
        return json.write(output)
示例#6
0
    def edit(self, id):
        c.review = Review.find_by_id(id)

        redirect_to(
            h.url_for(controller='proposal',
                      id=c.review.proposal.id,
                      action='review'))
示例#7
0
    def json(self):
        schedules = Schedule.find_all()
        output = []

        for schedule in schedules:
            if not schedule.time_slot.heading:
                row = {}
                speakers = schedule.event.computed_speakers()
                speaker_emails = schedule.event.computed_speaker_emails()
                video_release = schedule.event.video_release()
                row['Id'] = schedule.id
                row['Event'] = schedule.event_id
                row['Title'] = schedule.event.computed_title()
                row['Room Name'] = schedule.location.display_name
                row['Start'] = str(schedule.time_slot.start_time)
                row['Duration'] = str(schedule.time_slot.end_time - schedule.time_slot.start_time)
                if speakers:
                    row['Presenters'] = ','.join(speakers)
                if speaker_emails:
                    row['Presenter_emails'] = ','.join(speaker_emails)
                row['Description'] = schedule.event.computed_abstract()
                if schedule.event.proposal:
                    row['URL'] = h.url_for(qualified=True, controller='schedule', action='view_talk', id=schedule.event.proposal_id)
                    row['video_release'] = video_release
                output.append(row)

        response.headers.add('Pragma', 'cache')
        response.headers.add('Cache-Control', 'max-age=3600,public')
        return output
示例#8
0
    def ical(self):
        c.schedule_collection = Schedule.find_all()

        ical = vobject.iCalendar()
        for schedule in c.schedule_collection:
            if not schedule.time_slot.heading:
                event = ical.add('vevent')
                event.add('uid').value = str(schedule.id) + '@' + Config.get('event_host')
                # Created
                tz = timezone(Config.get('time_zone'))
                event.add('created').value = schedule.creation_timestamp.replace(tzinfo=tz)
                # Last Modified
                event.add('dtstamp').value = schedule.last_modification_timestamp.replace(tzinfo=tz)
                event.add('last-modified').value = schedule.last_modification_timestamp.replace(tzinfo=tz)
                # Start and End Time
                event.add('dtstart').value = schedule.time_slot.start_time.replace(tzinfo=tz)
                event.add('dtend').value = schedule.time_slot.end_time.replace(tzinfo=tz)
                # Title and Author (need to add Author here)
                event.add('summary').value = schedule.event.computed_title() + '. ' + h.list_to_string(schedule.event.computed_speakers())
                # Abstract, if we have one
                event.add('description').value = schedule.event.computed_abstract()
                # Add a URL
                if schedule.event.proposal:
                    event.add('url').value = h.url_for(qualified=True, controller='schedule', action='view_talk', id=schedule.event.proposal.id)
                elif not (schedule.event.url is None or schedule.event.url == ''):
                    if schedule.event.url.startswith('https://') or schedule.event.url.startswith('http://'):
                        event.add('url').value = h.url_for(str(schedule.event.url))
                    else:
                        event.add('url').value = h.url_for(str(schedule.event.url), qualified=True)

                concurrent_schedules = schedule.event.schedule_by_time_slot(schedule.time_slot)
                for concurrent_schedule in concurrent_schedules:
                    if concurrent_schedule != schedule:
                        if concurrent_schedule in c.schedule_collection:
                            c.schedule_collection.remove(concurrent_schedule)

                locations = [concurrent_schedule.location.display_name for concurrent_schedule in concurrent_schedules]
                event.add('location').value = h.list_to_string(locations)

        response.charset = 'utf8'
        response.headers['content-type'] = 'text/calendar; charset=utf8'
        response.headers.add('content-transfer-encoding', 'binary')
        response.headers.add('Pragma', 'cache')
        response.headers.add('Cache-Control', 'max-age=3600,public')
        return ical.serialize()
示例#9
0
    def ical(self):
        c.schedule_collection = Schedule.find_all()

        ical = vobject.iCalendar()
        for schedule in c.schedule_collection:
            if not schedule.time_slot.heading:
                event = ical.add('vevent')
                event.add('uid').value = str(schedule.id) + '@' + Config.get('event_host')
                # Created
                tz = timezone(Config.get('time_zone'))
                event.add('created').value = schedule.creation_timestamp.replace(tzinfo=tz)
                # Last Modified
                event.add('dtstamp').value = schedule.last_modification_timestamp.replace(tzinfo=tz)
                event.add('last-modified').value = schedule.last_modification_timestamp.replace(tzinfo=tz)
                # Start and End Time
                event.add('dtstart').value = schedule.time_slot.start_time.replace(tzinfo=tz)
                event.add('dtend').value = schedule.time_slot.end_time.replace(tzinfo=tz)
                # Title and Author (need to add Author here)
                event.add('summary').value = schedule.event.computed_title() + '. ' + h.list_to_string(schedule.event.computed_speakers())
                # Abstract, if we have one
                event.add('description').value = schedule.event.computed_abstract()
                # Add a URL
                if schedule.event.proposal:
                    event.add('url').value = h.url_for(qualified=True, controller='schedule', action='view_talk', id=schedule.event.proposal.id)
                elif not (schedule.event.url is None or schedule.event.url == ''):
                    if schedule.event.url.startswith('https://') or schedule.event.url.startswith('http://'):
                        event.add('url').value = h.url_for(str(schedule.event.url))
                    else:
                        event.add('url').value = h.url_for(str(schedule.event.url), qualified=True)

                concurrent_schedules = schedule.event.schedule_by_time_slot(schedule.time_slot)
                for concurrent_schedule in concurrent_schedules:
                    if concurrent_schedule != schedule:
                        if concurrent_schedule in c.schedule_collection:
                            c.schedule_collection.remove(concurrent_schedule)

                locations = [concurrent_schedule.location.display_name for concurrent_schedule in concurrent_schedules]
                event.add('location').value = h.list_to_string(locations)

        response.charset = 'utf8'
        response.headers['content-type'] = 'text/calendar; charset=utf8'
        response.headers.add('content-transfer-encoding', 'binary')
        response.headers.add('Pragma', 'cache')
        response.headers.add('Cache-Control', 'max-age=3600,public')
        return ical.serialize()
示例#10
0
 def edit(self, id=None):
     #
     # Helpfully redirect to the correct URL.
     #
     if id is None:
         return redirect_to(h.url_for(id=h.signed_in_person().id))
     #
     # Only an organiser can edit someone elses photos.
     #
     if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_user(id), h.auth.has_organiser_role)):
         h.auth.no_role()
     person_id = int(id, 10)
     c.open_date = lca_info.lca_info['date']
     c.days_open = (datetime.date.today() - c.open_date.date()).days
     photo_db = PhotoCompEntry.read_db()
     c.photo = lambda day, entry: PhotoCompEntry.get(photo_db, person_id, day, entry)
     c.is_organiser = h.auth.authorized(h.auth.has_organiser_role)
     c.DAYS_OPEN = DAYS_OPEN
     c.ENTRY_NAMES = ENTRY_NAMES
     return render('/photocomp/edit.mako')
示例#11
0
 def edit(self, id=None):
     #
     # Helpfully redirect to the correct URL.
     #
     if id is None:
         return redirect_to(h.url_for(id=h.signed_in_person().id))
     #
     # Only an organiser can edit someone elses photos.
     #
     if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_user(id), h.auth.has_organiser_role)):
         h.auth.no_role()
     person_id = int(id, 10)
     c.open_date = lca_info.lca_info['date']
     c.days_open = (datetime.date.today() - c.open_date.date()).days
     photo_db = PhotoCompEntry.read_db()
     c.photo = lambda day, entry: PhotoCompEntry.get(photo_db, person_id, day, entry)
     c.is_organiser = h.auth.authorized(h.auth.has_organiser_role)
     c.DAYS_OPEN = DAYS_OPEN
     c.ENTRY_NAMES = ENTRY_NAMES
     return render('/photocomp/edit.mako')
示例#12
0
    def _edit(self, id):
        # We need to recheck auth in here so we can pass in the id
        if not h.auth.authorized(
                h.auth.Or(h.auth.is_same_zkpylons_submitter(id),
                          h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        if not h.auth.authorized(h.auth.has_organiser_role):
            if c.proposal_editing == 'closed' and not h.auth.authorized(
                    h.auth.has_late_submitter_role):
                return render("proposal/editing_closed.mako")
            elif c.proposal_editing == 'not_open':
                return render("proposal/editing_not_open.mako")

        c.proposal = Proposal.find_by_id(id)
        for key in self.form_result['proposal']:
            setattr(c.proposal, key, self.form_result['proposal'][key])

        c.proposal.abstract = self.clean_abstract(c.proposal.abstract)

        c.person = self.form_result['person_to_edit']
        if (c.person.id == h.signed_in_person().id
                or h.auth.authorized(h.auth.has_organiser_role)):
            for key in self.form_result['person']:
                setattr(c.person, key, self.form_result['person'][key])
            p_edit = "and author"
        else:
            p_edit = "(but not author)"

        meta.Session.commit()

        if lca_info['proposal_update_email'] != '':
            body = "Subject: %s Proposal Updated\n\nID:    %d\nTitle: %s\nType:  %s\nURL:   %s" % (
                h.lca_info['event_name'], c.proposal.id, c.proposal.title,
                c.proposal.type.name.lower(),
                "http://" + h.host_name() + h.url_for(action="view"))
            email(lca_info['proposal_update_email'], body)

        h.flash("Proposal %s edited!" % p_edit)
        return redirect_to('/proposal')
示例#13
0
    def generate_hash(self, id):
        if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_attendee(id), h.auth.has_organiser_role, h.auth.has_unique_key())):
            # Raise a no_auth error
            h.auth.no_role()

        url = h.url_for(action='view', id=id)
        c.hash = URLHash.find_by_url(url=url)
        if c.hash is None:
            c.hash = URLHash()
            c.hash.url = url
            meta.Session.add(c.hash)
            meta.Session.commit()

            # create an entry for the payment page (not needed)
            # TODO: depending on how the gateway works, you may need to make sure you have permissions for the page you get redirected to
            #c.hash = URLHash()
            #c.hash.url = h.url_for(action='pay')
            #meta.Session.add(c.hash)
            #meta.Session.commit()

        return render('/invoice/generate_url.mako')
示例#14
0
    def generate_hash(self, id):
        if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_attendee(id), h.auth.has_organiser_role, h.auth.has_unique_key())):
            # Raise a no_auth error
            h.auth.no_role()

        url = h.url_for(action='view', id=id)
        c.hash = URLHash.find_by_url(url=url)
        if c.hash is None:
            c.hash = URLHash()
            c.hash.url = url
            meta.Session.add(c.hash)
            meta.Session.commit()

            # create an entry for the payment page (not needed)
            # TODO: depending on how the gateway works, you may need to make sure you have permissions for the page you get redirected to
            #c.hash = URLHash()
            #c.hash.url = h.url_for(action='pay')
            #meta.Session.add(c.hash)
            #meta.Session.commit()

        return render('/invoice/generate_url.mako')
示例#15
0
    def _edit(self, id):
        # We need to recheck auth in here so we can pass in the id
        if not h.auth.authorized(h.auth.Or(h.auth.is_same_zkpylons_submitter(id), h.auth.has_organiser_role)):
            # Raise a no_auth error
            h.auth.no_role()

        if not h.auth.authorized(h.auth.has_organiser_role):
            if c.proposal_editing == "closed" and not h.auth.authorized(h.auth.has_late_submitter_role):
                return render("proposal/editing_closed.mako")
            elif c.proposal_editing == "not_open":
                return render("proposal/editing_not_open.mako")

        c.proposal = Proposal.find_by_id(id)
        for key in self.form_result["proposal"]:
            setattr(c.proposal, key, self.form_result["proposal"][key])

        c.proposal.abstract = self.clean_abstract(c.proposal.abstract)

        c.person = self.form_result["person_to_edit"]
        if c.person.id == h.signed_in_person().id or h.auth.authorized(h.auth.has_organiser_role):
            for key in self.form_result["person"]:
                setattr(c.person, key, self.form_result["person"][key])
            p_edit = "and author"
        else:
            p_edit = "(but not author)"

        meta.Session.commit()

        if lca_info["proposal_update_email"] != "":
            body = "Subject: %s Proposal Updated\n\nID:    %d\nTitle: %s\nType:  %s\nURL:   %s" % (
                h.lca_info["event_name"],
                c.proposal.id,
                c.proposal.title,
                c.proposal.type.name.lower(),
                "http://" + h.host_name() + h.url_for(action="view"),
            )
            email(lca_info["proposal_update_email"], body)

        h.flash("Proposal %s edited!" % p_edit)
        return redirect_to("/proposal")
示例#16
0
文件: review.py 项目: Secko/zookeepr
    def edit(self, id):
        c.review = Review.find_by_id(id)

        redirect_to(h.url_for(controller='proposal', id=c.review.proposal.id, action='review'))
示例#17
0
 def page(self):
     url = h.url_for().strip("/")
     c.db_content = DbContent.find_by_url(url, abort_404=False)
     if c.db_content is not None:
         return self.view(c.db_content.id)
     return NotFoundController().view()
示例#18
0
 def page(self):
     url = h.url_for().strip("/")
     c.db_content = DbContent.find_by_url(url, abort_404=False)
     if c.db_content is not None:
        return self.view(c.db_content.id)
     return NotFoundController().view()