votes = query_db('select *, votes.id as voteid, groups.name as groupname from votes \
join groups on groups.id=votes.id_group \
where is_hidden=0 order by id desc')
- return render_template('admin_votes.html', votes=votes, today=date.today().strftime("%Y-%m-%d"))
+ return render_template('admin_votes.html', votes=votes
+ , today=date.today().strftime("%Y-%m-%d")
+ , can_delete_votes=CAN_DELETE_VOTES
+ )
@app.route('/admin/votes/add', methods=['GET', 'POST'])
def admin_vote_add():
def admin_vote_del(idvote):
if not session.get('user').get('is_admin'):
abort(401)
- vote = query_db('select * from votes where id = ?', [idvote], one=True)
- if vote is None:
- abort(404)
- g.db.execute('update votes set is_hidden=1 where id = ?', [idvote])
- g.db.commit()
+ if not CAN_DELETE_VOTES:
+ flash(u'La configuration interdit la suppression des votes.', 'error')
+ else:
+ if vote is None:
+ abort(404)
+ g.db.execute('update votes set is_hidden=1 where id = ?', [idvote])
+ g.db.commit()
return redirect(url_for('admin_votes'))
@app.route('/admin/votes/addchoice/<voteid>', methods=['POST'])
PASSWD_SALT = 'change this value to some random chars!'
SECRET_KEY = '{J@uRKO,xO-PK7B,jF?>iHbxLasF9s#zjOoy=+:'
DEBUG = True
+CAN_DELETE_VOTES = False
TITLE = u"Cavote"
EMAIL = '"' + TITLE + '"' + ' <' + u"contact+cavote@localhost.localdomain" + '>'
VERSION = "cavote 0.4.0"
<td>
<a href="{{ url_for('vote', idvote=vote.voteid) }}" class="btn btn-success btn-mini">Voir</a>
<a href="{{ url_for('admin_vote_edit', voteid=vote.voteid) }}" class="btn btn-mini">Éditer</a>
- <a href="#delete{{ vote.voteid }}" data-toggle="modal" class="btn btn-mini btn-danger">Supprimer</a>
+ {% if can_delete_votes %}<a href="#delete{{ vote.voteid }}" data-toggle="modal" class="btn btn-mini btn-danger">Supprimer</a>{% endif %}
</td>
</tr>
<div class="modal hide fade" id="delete{{ vote.voteid }}">