order by random()')
g.db.execute('delete from user_choice_buffer_anonymous')
g.db.commit()
- g.db.execute('insert into user_vote (id_user, id_vote) \
- values (?, ?)'
- , [session.get('user').get('id'), vote['id']])
+ comment = request.form.get('comment', None)
+ g.db.execute('insert into user_vote (id_user, id_vote, comment) \
+ values (?, ?, ?)'
+ , [session.get('user').get('id'), vote['id'], comment])
g.db.commit()
else:
abort(401)
# ACTION: query users' choices joined with users' identity if not anonymous
user_choices = query_db('select user_choice.id_user as userid, users.name as username, \
choices.id as choiceid, choices.name as choice_name, \
- user_choice.weight as weight \
+ user_choice.weight as weight, user_vote.comment as comment \
from choices \
join user_choice on choices.id = user_choice.id_choice \
left join users on userid = users.id \
# ACTION: list user results per user
users = OrderedDict()
if vote['is_anonymous']:
- user_votes = query_db('select users.name, id_user as userid \
+ user_votes = query_db('select users.name, id_user as userid, comment \
from user_vote \
join users on users.id = id_user where id_vote = ?', [idvote])
for uc in user_votes:
users[uc['userid']] = { 'username':uc['name']
+ , 'comment':uc['comment']
, 'choices':{}
, 'userid':uc['userid'] }
else:
else:
users[uc['userid']] = { 'userid':uc['userid']
, 'username':uc['username']
+ , 'comment':uc['comment']
, 'choices':{uc['choiceid']:value} }
attachments = query_db('select * from attachments where id_vote=?', [idvote])
if query_db('select * from user_group where id_group = ? and id_user = ?'
votes = query_db('select *, votes.id as voteid, groups.name as groupname from votes \
join groups on groups.id=votes.id_group \
where is_hidden=0 order by id desc')
- return render_template('admin_votes.html', votes=votes, today=date.today().strftime("%Y-%m-%d"))
+ return render_template('admin_votes.html', votes=votes
+ , today=date.today().strftime("%Y-%m-%d")
+ , can_delete_votes=CAN_DELETE_VOTES
+ )
@app.route('/admin/votes/add', methods=['GET', 'POST'])
def admin_vote_add():
def admin_vote_del(idvote):
if not session.get('user').get('is_admin'):
abort(401)
- vote = query_db('select * from votes where id = ?', [idvote], one=True)
- if vote is None:
- abort(404)
- g.db.execute('update votes set is_hidden=1 where id = ?', [idvote])
- g.db.commit()
+ if not CAN_DELETE_VOTES:
+ flash(u'La configuration interdit la suppression des votes.', 'error')
+ else:
+ if vote is None:
+ abort(404)
+ g.db.execute('update votes set is_hidden=1 where id = ?', [idvote])
+ g.db.commit()
return redirect(url_for('admin_votes'))
@app.route('/admin/votes/addchoice/<voteid>', methods=['POST'])