Conservancy/symposion_app
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update sha_constructor to hashlib.sha256

Browse source
This commit is contained in:
Volodymyr Hotsyk 2014-07-05 16:21:49 +03:00
parent 7596729ec1
commit 3ad6d4cfef
1 changed files with 37 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

70
symposion/proposals/views.py
View file

@ -6,7 +6,7 @@ from django.core.exceptions import ObjectDoesNotExist
from django.db.models import Q
from django.http import Http404, HttpResponse, HttpResponseForbidden
from django.shortcuts import render, redirect, get_object_or_404
from django.utils.hashcompat import sha_constructor
from hashlib import sha256
from django.views import static
from django.contrib import messages
@ -14,12 +14,16 @@ from django.contrib.auth.models import User
from django.contrib.auth.decorators import login_required
from account.models import EmailAddress
from symposion.proposals.models import ProposalBase, ProposalSection, ProposalKind
from symposion.proposals.models import (
ProposalBase, ProposalSection, ProposalKind
)
from symposion.proposals.models import SupportingDocument, AdditionalSpeaker
from symposion.speakers.models import Speaker
from symposion.utils.mail import send_email
from symposion.proposals.forms import AddSpeakerForm, SupportingDocumentCreateForm
from symposion.proposals.forms import (
AddSpeakerForm, SupportingDocumentCreateForm
)
def get_form(name):
@ -37,21 +41,21 @@ def proposal_submit(request):
request.user.speaker_profile
except ObjectDoesNotExist:
return redirect("dashboard")
kinds = []
for proposal_section in ProposalSection.available():
for kind in proposal_section.section.proposal_kinds.all():
kinds.append(kind)
return render(request, "proposals/proposal_submit.html", {
"kinds": kinds,
})
def proposal_submit_kind(request, kind_slug):
kind = get_object_or_404(ProposalKind, slug=kind_slug)
if not request.user.is_authenticated():
return redirect("home") # @@@ unauth'd speaker info page?
else:
@ -59,12 +63,12 @@ def proposal_submit_kind(request, kind_slug):
speaker_profile = request.user.speaker_profile
except ObjectDoesNotExist:
return redirect("dashboard")
if not kind.section.proposalsection.is_available():
return redirect("proposal_submit")
form_class = get_form(settings.PROPOSAL_FORMS[kind_slug])
if request.method == "POST":
form = form_class(request.POST)
if form.is_valid():
@ -79,7 +83,7 @@ def proposal_submit_kind(request, kind_slug):
return redirect("dashboard")
else:
form = form_class()
return render(request, "proposals/proposal_submit_kind.html", {
"kind": kind,
"form": form,
@ -91,17 +95,17 @@ def proposal_speaker_manage(request, pk):
queryset = ProposalBase.objects.select_related("speaker")
proposal = get_object_or_404(queryset, pk=pk)
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
if proposal.speaker != request.user.speaker_profile:
raise Http404()
if request.method == "POST":
add_speaker_form = AddSpeakerForm(request.POST, proposal=proposal)
if add_speaker_form.is_valid():
message_ctx = {
"proposal": proposal,
}
def create_speaker_token(email_address):
# create token and look for an existing speaker to prevent
# duplicate tokens and confusing the pending speaker
@ -110,8 +114,8 @@ def proposal_speaker_manage(request, pk):
Q(user=None, invite_email=email_address)
)
except Speaker.DoesNotExist:
salt = sha_constructor(str(random.random())).hexdigest()[:5]
token = sha_constructor(salt + email_address).hexdigest()
salt = sha256(str(random.random())).hexdigest()[:5]
token = sha256(salt + email_address).hexdigest()
pending = Speaker.objects.create(
invite_email=email_address,
invite_token=token,
@ -173,14 +177,14 @@ def proposal_edit(request, pk):
if request.user != proposal.speaker.user:
raise Http404()
if not proposal.can_edit():
ctx = {
"title": "Proposal editing closed",
"body": "Proposal editing is closed for this session type."
}
return render(request, "proposals/proposal_error.html", ctx)
form_class = get_form(settings.PROPOSAL_FORMS[proposal.kind.slug])
if request.method == "POST":
@ -206,7 +210,7 @@ def proposal_edit(request, pk):
return redirect("proposal_detail", proposal.pk)
else:
form = form_class(instance=proposal)
return render(request, "proposals/proposal_edit.html", {
"proposal": proposal,
"form": form,
@ -218,22 +222,22 @@ def proposal_detail(request, pk):
queryset = ProposalBase.objects.select_related("speaker", "speaker__user")
proposal = get_object_or_404(queryset, pk=pk)
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
if request.user not in [p.user for p in proposal.speakers()]:
raise Http404()
if "symposion.reviews" in settings.INSTALLED_APPS:
from symposion.reviews.forms import SpeakerCommentForm
message_form = SpeakerCommentForm()
if request.method == "POST":
message_form = SpeakerCommentForm(request.POST)
if message_form.is_valid():
message = message_form.save(commit=False)
message.user = request.user
message.proposal = proposal
message.save()
ProposalMessage = SpeakerCommentForm.Meta.model
reviewers = User.objects.filter(
id__in=ProposalMessage.objects.filter(
@ -242,7 +246,7 @@ def proposal_detail(request, pk):
user=request.user
).distinct().values_list("user", flat=True)
)
for reviewer in reviewers:
ctx = {
"proposal": proposal,
@ -253,13 +257,13 @@ def proposal_detail(request, pk):
[reviewer.email], "proposal_new_message",
context=ctx
)
return redirect(request.path)
else:
message_form = SpeakerCommentForm()
else:
message_form = None
return render(request, "proposals/proposal_detail.html", {
"proposal": proposal,
"message_form": message_form
@ -271,7 +275,7 @@ def proposal_cancel(request, pk):
queryset = ProposalBase.objects.select_related("speaker")
proposal = get_object_or_404(queryset, pk=pk)
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
if proposal.speaker.user != request.user:
return HttpResponseForbidden()
@ -281,7 +285,7 @@ def proposal_cancel(request, pk):
# @@@ fire off email to submitter and other speakers
messages.success(request, "%s has been cancelled" % proposal.title)
return redirect("dashboard")
return render(request, "proposals/proposal_cancel.html", {
"proposal": proposal,
})
@ -339,10 +343,10 @@ def document_create(request, proposal_pk):
queryset = ProposalBase.objects.select_related("speaker")
proposal = get_object_or_404(queryset, pk=proposal_pk)
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
if proposal.cancelled:
return HttpResponseForbidden()
if request.method == "POST":
form = SupportingDocumentCreateForm(request.POST, request.FILES)
if form.is_valid():
@ -353,7 +357,7 @@ def document_create(request, proposal_pk):
return redirect("proposal_detail", proposal.pk)
else:
form = SupportingDocumentCreateForm()
return render(request, "proposals/document_create.html", {
"proposal": proposal,
"form": form,
@ -378,8 +382,8 @@ def document_download(request, pk, *args):
def document_delete(request, pk):
document = get_object_or_404(SupportingDocument, pk=pk, uploaded_by=request.user)
proposal_pk = document.proposal.pk
if request.method == "POST":
document.delete()
return redirect("proposal_detail", proposal_pk)