@ -123,7 +123,8 @@ upload_handler_regular = portal.regular.UploadHandlerRegular(
MAIL_SUBJECT = MAIL_SUBJECT ,
MAIL_SUBJECT = MAIL_SUBJECT ,
MAIL_BODY = MAIL_BODY ,
MAIL_BODY = MAIL_BODY ,
CONTRACT_CLIENT_CONTACT = CONTRACT_CLIENT_CONTACT ,
CONTRACT_CLIENT_CONTACT = CONTRACT_CLIENT_CONTACT ,
MAX_FILES_PER_UPLOAD = MAX_FILES_PER_UPLOAD
MAX_FILES_PER_UPLOAD = MAX_FILES_PER_UPLOAD ,
APP_SECRET_KEY = APP_SECRET_KEY
)
)
upload_handler_solar = portal . solar . UploadHandlerSolar (
upload_handler_solar = portal . solar . UploadHandlerSolar (
@ -136,7 +137,8 @@ upload_handler_solar = portal.solar.UploadHandlerSolar(
MAIL_SUBJECT = MAIL_SUBJECT ,
MAIL_SUBJECT = MAIL_SUBJECT ,
MAIL_BODY = MAIL_BODY ,
MAIL_BODY = MAIL_BODY ,
CONTRACT_CLIENT_CONTACT = CONTRACT_CLIENT_CONTACT ,
CONTRACT_CLIENT_CONTACT = CONTRACT_CLIENT_CONTACT ,
MAX_FILES_PER_UPLOAD = MAX_FILES_PER_UPLOAD
MAX_FILES_PER_UPLOAD = MAX_FILES_PER_UPLOAD ,
APP_SECRET_KEY = APP_SECRET_KEY
)
)
@ -217,6 +219,9 @@ def solar_register_post():
name = request . form . get ( ' name ' )
name = request . form . get ( ' name ' )
email = request . form . get ( ' email ' )
email = request . form . get ( ' email ' )
password = request . form . get ( ' password ' )
password = request . form . get ( ' password ' )
institution_name = request . form . get ( ' institution ' )
institution_role = request . form . get ( ' role ' )
institution = portal . base . get_institution_obj_by_name ( institution_name )
user = RegisteredUser . query . filter_by ( email = email ) . first ( )
user = RegisteredUser . query . filter_by ( email = email ) . first ( )
@ -248,7 +253,17 @@ def solar_register_post():
flash ( ' Predolgo geslo. ' )
flash ( ' Predolgo geslo. ' )
return redirect ( ' /solar/register ' )
return redirect ( ' /solar/register ' )
portal . base . register_new_user ( name , email , password , active = False )
if not institution :
flash ( ' Institucija ne obstaja. ' )
return redirect ( ' /solar/register ' )
if institution_role not in [ ' coordinator ' , ' mentor ' , ' other ' ] :
flash ( ' Neveljavna vloga v instituciji. ' )
return redirect ( ' /solar/register ' )
user_id = portal . base . register_new_user ( name , email , password , active = False )
portal . base . add_user_to_institution ( user_id , institution . id , institution_role )
flash ( ' Uspešna registracija. ' )
flash ( ' Uspešna registracija. ' )
return redirect ( ' /solar/login ' )
return redirect ( ' /solar/login ' )
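Review bot: The new role check accepts `'coordinator'` from the public registration form, so anyone who self-registers can attach themselves to any existing institution as its coordinator, and `add_user_to_institution` stores that mapping immediately. The account is created with `active=False`, but whether the activation step shows or re-checks the requested role is not visible here; if it does not, activating the account also grants the coordinator-only views in `solar()`. Consider limiting self-service registration to the non-privileged roles, e.g. `if institution_role not in ['mentor', 'other']:`, and leaving promotion to an admin or an existing coordinator. `register_new_user` and `add_user_to_institution` are also two separate calls, so a failure in the second leaves a registered user with no institution. `solar_register_post` starts before this hunk.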
@ -270,13 +285,20 @@ def logout():
def solar ( text ) :
def solar ( text ) :
is_admin = current_user . role == ' admin '
is_admin = current_user . role == ' admin '
current_user_institution = portal . base . get_user_institution ( current_user . id )
current_user_institution = portal . base . get_user_institution ( current_user . id )
current_user_obj = portal . base . get_user_obj ( current_user . get_id ( ) )
institution_contract = None
if current_user_institution :
if current_user_institution :
current_user_institution_moderator = portal . base . is_institution_moderator ( current_user . id , current_user_institution . id )
current_user_institution_coordinator = portal . base . is_institution_coordinator ( current_user . id , current_user_institution . id )
institution_contract = portal . base . get_institution_contract ( current_user_institution . id )
else :
else :
current_user_institution_ moder ator = False
current_user_institution_ coordin ator = False
if text . startswith ( ' oddaja/ ' ) or text == ' oddaja ' :
if text . startswith ( ' oddaja/ ' ) or text == ' oddaja ' :
return render_template ( ' solar-oddaja.html ' , is_admin = is_admin , is_institution_moderator = current_user_institution_moderator )
return render_template ( ' solar-oddaja.html ' ,
is_admin = is_admin ,
institution = current_user_institution ,
institution_contract = institution_contract ,
is_institution_coordinator = current_user_institution_coordinator )
elif text . startswith ( ' zgodovina/ ' ) or text == ' zgodovina ' :
elif text . startswith ( ' zgodovina/ ' ) or text == ' zgodovina ' :
upload_items = portal . solar . get_upload_history ( current_user . id )
upload_items = portal . solar . get_upload_history ( current_user . id )
uploader_names = [ ]
uploader_names = [ ]
@ -289,58 +311,66 @@ def solar(text):
else :
else :
institution_names . append ( institution . name )
institution_names . append ( institution . name )
return render_template ( ' solar-zgodovina.html ' , upload_history = upload_items , uploader_names = uploader_names ,
return render_template ( ' solar-zgodovina.html ' , upload_history = upload_items , uploader_names = uploader_names ,
institution_names = institution_names , is_admin = is_admin , is_institution_ moderator= current_user_institution_moder ator)
institution_names = institution_names , is_admin = is_admin , is_institution_ coordinator= current_user_institution_coordin ator)
elif text . startswith ( ' pogodbe /' ) or text == ' pogodbe ' :
elif text . startswith ( ' pogodbe -institucije /' ) or text . startswith ( ' pogodbe-ucencistarsi/ ' ) :
# Check for ownload contract request.
# Check for ownload contract request.
match = re . match ( ' ^pogodbe /([a-z0-9_]+\ .pdf)$ ' , text )
match = re . match ( ' ^pogodbe -(institucije|ucencistarsi) /([a-z0-9_]+\ .pdf)$ ' , text )
if match :
if match :
filename = match . group ( 1 )
contract_type = match . group ( 1 )
filename = match . group ( 2 )
if len ( filename ) < 10 :
if len ( filename ) < 10 :
return ' ' , 404
return ' ' , 404
prefix = filename [ : 2 ]
prefix = filename [ : 2 ]
suffix = filename [ 2 : ]
suffix = filename [ 2 : ]
f_hash = filename . split ( ' . ' ) [ 0 ]
if contract_type == ' institucije ' :
actual_filename = portal . base . get_actual_institution_contract_filename ( f_hash )
else :
actual_filename = portal . base . get_actual_studentparent_contract_filename ( f_hash )
safe_path = safe_join ( str ( upload_handler_solar . get_uploads_subdir ( ' contracts ' ) ) , prefix , suffix )
safe_path = safe_join ( str ( upload_handler_solar . get_uploads_subdir ( ' contracts ' ) ) , prefix , suffix )
try :
try :
return send_file ( safe_path , as_attachment = True )
return send_file ( safe_path , a ttachment_filename= actual_filename , a s_attachment= True )
except FileNotFoundError :
except FileNotFoundError :
return ' ' , 404
return ' ' , 404
elif text . startswith ( ' pogodbe/ ' ) or text == ' pogodbe ' :
user_obj = portal . base . get_user_obj ( current_user . get_id ( ) )
institution = portal . base . get_user_institution ( user_obj . id )
contracts_students = [ ]
contracts_students = [ ]
contract_school = [ ]
contract_school = [ ]
enable_upload_school_contract = False
enable_upload_school_contract = False
show_upload_form = False
show_upload_form = False
collaborators = [ ]
collaborators = [ ]
if institution :
cooperation_history = dict ( )
collaborators = portal . base . get_all_active_institution_users ( institution . id )
if current_user_institution :
collaborators = portal . base . get_all_active_institution_users ( current_user_institution . id )
show_upload_form = True
show_upload_form = True
contract_school = portal . solar . get_institution_contract ( institution . id )
contract_school = portal . solar . get_institution_contract ( current_user_institution . id )
if portal . base . is_institution_moderator ( user_obj . id , institution . id ) :
cooperation_history = portal . base . get_institution_cooperation_history ( current_user_institution . id )
contracts_students = portal . solar . get_institution_student_contracts ( institution . id )
if portal . base . is_institution_coordinator ( current_user_obj . id , current_user_institution . id ) :
contracts_students = portal . solar . get_institution_student_contracts ( current_user_institution . id )
enable_upload_school_contract = True
enable_upload_school_contract = True
else :
else :
contracts_students = portal . solar . get_institution_student_contracts ( institution. id , user_obj. id )
contracts_students = portal . solar . get_institution_student_contracts ( current_user_ institution. id , current_ user_obj. id )
return render_template ( ' solar-pogodbe.html ' , contracts_students = contracts_students ,
return render_template ( ' solar-pogodbe.html ' , contracts_students = contracts_students ,
contract_school = contract_school ,
contract_school = contract_school ,
enable_upload_school_contract = enable_upload_school_contract ,
enable_upload_school_contract = enable_upload_school_contract ,
show_upload_form = show_upload_form ,
show_upload_form = show_upload_form ,
collaborators = collaborators ,
collaborators = collaborators ,
is_admin = is_admin , is_institution_moderator = current_user_institution_moderator )
cooperation_history = cooperation_history ,
is_admin = is_admin , is_institution_coordinator = current_user_institution_coordinator )
elif text . startswith ( ' admin/ ' ) or text == ' admin ' :
elif text . startswith ( ' admin/ ' ) or text == ' admin ' :
users = portal . base . get_all_ active_ users_join_institutions( )
users = portal . base . get_all_ users_join_institutions( )
inactive_users = portal . base . get_all_ inactive_users( )
inactive_users = portal . base . get_all_ users_join_institutions( active = False )
solar_institutions = portal . solar . get_all_institutions ( )
solar_institutions = portal . solar . get_all_institutions ( )
cooperation_history = portal . base . get_cooperation_history ( )
if is_admin :
if is_admin :
return render_template ( ' solar-admin.html ' , users = users ,
return render_template ( ' solar-admin.html ' , users = users , user_cooperation_history = cooperation_history ,
institutions = solar_institutions , inactive_users = inactive_users )
institutions = solar_institutions , inactive_users = inactive_users )
elif text . startswith ( ' manage-institution/ ' ) or text == ' manage-institution ' :
elif text . startswith ( ' manage-institution/ ' ) or text == ' manage-institution ' :
institution = portal . base . get_user_institution ( current_user . id )
if portal . base . is_institution_coordinator ( current_user . id , current_user_institution . id ) :
if portal . base . is_institution_moderator ( current_user . id , institution . id ) :
solar_users = portal . base . get_all_active_users ( )
solar_users = portal . base . get_all_active_users ( )
institution_users = portal . base . get_all_active_institution_users ( institution. id )
institution_users = portal . base . get_all_active_institution_users ( current_user_ institution. id )
return render_template ( ' solar-manage-institution.html ' , users = solar_users ,
return render_template ( ' solar-manage-institution.html ' , users = solar_users ,
institution_users = institution_users )
institution_users = institution_users )
return ' ' , 404
return ' ' , 404
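Review bot: The contract download branch (`pogodbe-institucije/` and `pogodbe-ucencistarsi/`) calls `send_file` as soon as the name matches the regex; none of the visible lines compare the contract's owner with `current_user_institution` or check `is_admin`, so access appears to rest only on the hash in the file name being hard to guess. Before `send_file`, return 404 unless the contract looked up by `f_hash` belongs to the caller's institution or the caller is an admin, and also when `actual_filename` comes back empty. In the `manage-institution` branch the new condition dereferences `current_user_institution.id`, which raises for a user with no institution (the `else:` at the top of the function covers that case); `if current_user_institution_coordinator:` reuses the flag already computed and avoids it. In the `admin` branch the user lists and the cooperation history are loaded before `if is_admin:`, so moving the check first keeps that data from being queried for non-admins. `solar()` starts before this hunk.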
@ -420,7 +450,7 @@ def solar_forgotpass():
def solar_sendresetpass ( ) :
def solar_sendresetpass ( ) :
email = request . form . get ( ' email ' )
email = request . form . get ( ' email ' )
portal . base . send_resetpass_mail ( email , upload_handler_ regu lar. config )
portal . base . send_resetpass_mail ( email , upload_handler_ so lar. config )
flash ( ' Povezava za ponastavitev gesla je bila poslana na vpisan email naslov. ' )
flash ( ' Povezava za ponastavitev gesla je bila poslana na vpisan email naslov. ' )
return redirect ( redirect_url ( ) )
return redirect ( redirect_url ( ) )
@ -428,7 +458,7 @@ def solar_sendresetpass():
@app.route ( ' /solar/resetpass/<token> ' )
@app.route ( ' /solar/resetpass/<token> ' )
def solar_resetpass ( token ) :
def solar_resetpass ( token ) :
user = portal . base . verify_reset_token ( token )
user = portal . base . verify_reset_token ( token , upload_handler_solar . config [ ' APP_SECRET_KEY ' ] )
if not user :
if not user :
return ' ' , 404
return ' ' , 404
@ -439,7 +469,7 @@ def solar_resetpass(token):
@app.route ( ' /solar/resetpass/<token> ' , methods = [ ' POST ' ] )
@app.route ( ' /solar/resetpass/<token> ' , methods = [ ' POST ' ] )
def solar_resetpass_post ( token ) :
def solar_resetpass_post ( token ) :
new_password = request . form . get ( ' new_password ' )
new_password = request . form . get ( ' new_password ' )
user = portal . base . verify_reset_token ( token )
user = portal . base . verify_reset_token ( token , upload_handler_solar . config [ ' APP_SECRET_KEY ' ] )
if not user :
if not user :
return ' ' , 404
return ' ' , 404
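Review bot: `new_password` is read from the form and none of the visible lines apply the length checks that `solar_register_post` enforces (`Predolgo geslo.`); the two lines between this hunk and the next are not shown, so confirm the same limits are applied before the password is stored. Nothing visible invalidates the token once the password has been changed, so if `verify_reset_token` checks only signature and expiry the link stays usable until it expires. Binding the token to the current password hash, or recording that it was used, would close that window. The body of `solar_resetpass_post` continues outside this hunk.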
@ -448,7 +478,8 @@ def solar_resetpass_post(token):
if rowcount == 0 :
if rowcount == 0 :
return ' ' , 404
return ' ' , 404
return ' Ponastavitev gesla uspešna. '
flash ( ' Ponastavitev gesla je bila uspešna. ' )
return redirect ( ' /solar/login ' )
@app.route ( ' /solar/topuploads ' )
@app.route ( ' /solar/topuploads ' )
@ -460,9 +491,12 @@ def solar_topuploads_srednje():
@app.route ( ' /solar/deluser ' , methods = [ ' POST ' ] )
@app.route ( ' /solar/deluser ' , methods = [ ' POST ' ] )
@login_required
@login_required
def solar_del_user ( ) :
def solar_del_user ( ) :
# TODO: check if user is institution moderator for the added users institution or is an admin
if not portal . base . is_admin ( current_user . id ) :
# TODO: delete from "user", "user_institution_mapping", update "institution_contract" set user to NULL
return ' ' , 404
return ' ' , 404
user_id = request . form . get ( ' user_id ' )
portal . base . del_user ( user_id )
flash ( ' Uporabnik je bil odstranjen. ' )
return redirect ( redirect_url ( ) )
@app.route ( ' /<corpus_name>/addinstitution ' , methods = [ ' POST ' ] )
@app.route ( ' /<corpus_name>/addinstitution ' , methods = [ ' POST ' ] )
@login_required
@login_required
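Review bot: `user_id` goes from the form straight into `portal.base.del_user` with no check that it is present or that it differs from the admin's own account, and the success message is flashed whatever `del_user` actually did. Suggest a guard such as `if not user_id or user_id == current_user.get_id(): return '', 404` before the call, and flashing `Uporabnik je bil odstranjen.` only when a row was removed. The removed TODO listed `user_institution_mapping` and `institution_contract` as needing cleanup; `del_user` is not visible here, so confirm it handles both, otherwise the deleted id stays referenced in those tables.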
@ -482,11 +516,8 @@ def add_institution(corpus_name):
flash ( ' Predolgo ime. ' )
flash ( ' Predolgo ime. ' )
return redirect ( redirect_url ( ) )
return redirect ( redirect_url ( ) )
if not region :
if not region in portal . solar . VALID_REGIONS :
flash ( ' Prazno polje za regijo. ' )
flash ( ' Neveljavna vrednost za regijo. ' )
return redirect ( redirect_url ( ) )
if len ( region ) > 100 :
flash ( ' Predolgi niz za regijo. ' )
return redirect ( redirect_url ( ) )
return redirect ( redirect_url ( ) )
institution_id = portal . base . add_institution ( name , region )
institution_id = portal . base . add_institution ( name , region )
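Review bot: Style point on the new region check: `not region in portal.solar.VALID_REGIONS` evaluates as intended but reads more clearly as `if region not in portal.solar.VALID_REGIONS:`. The allow-list makes the removed empty and length checks redundant only as long as every entry in `VALID_REGIONS` fits the stored column, which is not visible from this hunk. The `add_institution` view starts before the hunk.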
@ -506,37 +537,34 @@ def add_user_institution_mapping(corpus_name):
if institution :
if institution :
institution_id = institution . id
institution_id = institution . id
if not ( portal . base . is_admin ( current_user . id ) or portal . base . is_institution_ moder ator( current_user . id , institution_id ) ) :
if not ( portal . base . is_admin ( current_user . id ) or portal . base . is_institution_ coordin ator( current_user . id , institution_id ) ) :
return ' ' , 404
return ' ' , 404
user_id = request . form [ ' user_id ' ]
user_id = request . form [ ' user_id ' ]
role = request . form [ ' role ' ]
role = request . form [ ' role ' ]
if role not in [ ' moderator' , ' us er' ] :
if role not in [ ' coordinator' , ' mentor ' , ' oth er' ] :
return ' ' , 404
return ' ' , 404
if portal . base . get_user_institution ( user_id ) :
if portal . base . get_user_institution ( user_id ) :
flash ( ' Uporabnik je že dodeljen instituciji. Dodeljevanje večim institucijam ' \
flash ( ' Uporabnik je že dodeljen instituciji. ' )
' zaenkrat ni implementirano. ' )
return redirect ( redirect_url ( ) )
return redirect ( redirect_url ( ) )
portal . base . add_user_to_institution ( user_id , institution_id , role )
portal . base . add_user_to_institution ( user_id , institution_id , role )
flash ( ' Uporabnik je bil dodeljen instituciji. ' )
flash ( ' Uporabnik je bil dodeljen instituciji. ' )
return redirect ( redirect_url ( ) )
return redirect ( redirect_url ( ) )
@app.route ( ' / <corpus_name> /deluserfrominstitution' , methods = [ ' POST ' ] )
@app.route ( ' / solar /deluserfrominstitution' , methods = [ ' POST ' ] )
@login_required
@login_required
def del_user_institution_mapping ( corpus_name ) :
def del_user_institution_mapping ( ) :
institution = portal . base . get_user_institution ( current_user . id )
if not portal . base . is_admin ( current_user . id ) \
and not portal . base . is_institution_moderator ( current_user . id , institution . id ) :
return ' ' , 404
if not corpus_name in ENABLED_CORPUSES :
return ' ' , 404
user_id = request . form [ ' user_id ' ]
user_id = request . form [ ' user_id ' ]
institution = portal . base . get_user_institution ( user_id )
if not institution :
flash ( ' Uporabnik ni član nobene institucije. ' )
return redirect ( redirect_url ( ) )
if not portal . base . is_institution_member ( user_id , institution . id ) :
if not portal . base . is_admin ( current_user . id ) \
flash ( ' Uporabnik ni član vaše institucije. ' )
and not portal . base . is_institution_coordinator ( current_user . id , institution . id ) :
flash ( ' Nimate ustreznih pravic za odstranitev uporabnika iz institucije. ' )
return redirect ( redirect_url ( ) )
return redirect ( redirect_url ( ) )
portal . base . del_user_from_institution ( user_id , institution . id )
portal . base . del_user_from_institution ( user_id , institution . id )