From 72d30f68410d38dc843c5f54a3a5770e8cea281f Mon Sep 17 00:00:00 2001 From: Guillaume Subiron Date: Mon, 4 Jun 2012 22:08:54 +0200 Subject: [PATCH] can_vote and can_see_vote supports groups, plus some debug --- main.py | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/main.py b/main.py index bb092ac..e86e453 100755 --- a/main.py +++ b/main.py @@ -293,7 +293,7 @@ def votes(votes): max_votes ='select id_group, count(*) as max_votes from user_group group by id_group' basequery = 'select votes.*, max_votes from votes join (' + max_votes + ') as max_votes on votes.id_group = max_votes.id_group' nb_votes = 'select id_vote, count(*) as nb_votes from (select id_user, id_vote from user_choice join choices on id_choice = choices.id group by id_user, id_vote) group by id_vote' - basequery = 'select * from (' + basequery + ') join (' + nb_votes + ') on id = id_vote' + basequery = 'select * from (' + basequery + ') left join (' + nb_votes + ') on id = id_vote' basequery = 'select *, votes.id as voteid, groups.name as groupname from (' + basequery + ') as votes join groups on groups.id = id_group where is_open=1' if votes == 'all': votes = query_db(basequery + ' order by id desc') @@ -304,6 +304,8 @@ def votes(votes): else: abort(404) for vote in votes: + if not vote.get('nb_votes'): + vote['nb_votes'] = 0 vote['percent'] = int((float(vote['nb_votes']) / float(vote['max_votes'])) * 100) return render_template('votes.html', votes=votes, active_button=active_button) @@ -313,18 +315,24 @@ def votes(votes): def can_see_vote(idvote, iduser=-1): vote = query_db('select * from votes where id=?', [idvote], one=True) if vote is None: - abort(404) + return False if not vote['is_public']: user = query_db('select * from users where id=?', [iduser], one=True) - if user is None: # :TODO:maethor:120604: Check others things (groups) + if query_db('select * from user_group where id_user = ? and id_group = ?', [iduser, vote['id']], one=True) is None: return False return True + + def can_vote(idvote, iduser=-1): + vote = query_db('select * from votes where id=?', [idvote], one=True) + if vote is None: + return False if iduser > 0: if can_see_vote(idvote, iduser): if not has_voted(idvote, iduser): - return True # :TODO:maethor:120529: Check others things (groups) + if query_db('select * from user_group where id_user = ? and id_group = ?', [iduser, vote['id']], one=True): + return True return False def has_voted(idvote, iduser=-1): @@ -373,8 +381,8 @@ def vote(idvote): vote['nb_votes'] = tmp['nb'] vote['percent'] = int((float(vote['nb_votes']) / float(vote['max_votes'])) * 100) return render_template('vote.html', vote=vote, attachments=attachments, choices=choices, users=users.values(), can_vote=can_vote(idvote, get_userid())) - flash('Vous n\'avez pas le droit de voir ce vote, désolé.') - return(url_for('home')) + flash(u'Vous n\'avez pas le droit de voir ce vote, désolé.') + return redirect(url_for('home')) @app.route('/vote/deletechoices//') def vote_deletechoices(idvote, iduser): -- 2.20.1