Update sha_constructor to hashlib.sha256
This commit is contained in:
parent
7596729ec1
commit
3ad6d4cfef
1 changed files with 37 additions and 33 deletions
|
@ -6,7 +6,7 @@ from django.core.exceptions import ObjectDoesNotExist
|
||||||
from django.db.models import Q
|
from django.db.models import Q
|
||||||
from django.http import Http404, HttpResponse, HttpResponseForbidden
|
from django.http import Http404, HttpResponse, HttpResponseForbidden
|
||||||
from django.shortcuts import render, redirect, get_object_or_404
|
from django.shortcuts import render, redirect, get_object_or_404
|
||||||
from django.utils.hashcompat import sha_constructor
|
from hashlib import sha256
|
||||||
from django.views import static
|
from django.views import static
|
||||||
|
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
|
@ -14,12 +14,16 @@ from django.contrib.auth.models import User
|
||||||
from django.contrib.auth.decorators import login_required
|
from django.contrib.auth.decorators import login_required
|
||||||
|
|
||||||
from account.models import EmailAddress
|
from account.models import EmailAddress
|
||||||
from symposion.proposals.models import ProposalBase, ProposalSection, ProposalKind
|
from symposion.proposals.models import (
|
||||||
|
ProposalBase, ProposalSection, ProposalKind
|
||||||
|
)
|
||||||
from symposion.proposals.models import SupportingDocument, AdditionalSpeaker
|
from symposion.proposals.models import SupportingDocument, AdditionalSpeaker
|
||||||
from symposion.speakers.models import Speaker
|
from symposion.speakers.models import Speaker
|
||||||
from symposion.utils.mail import send_email
|
from symposion.utils.mail import send_email
|
||||||
|
|
||||||
from symposion.proposals.forms import AddSpeakerForm, SupportingDocumentCreateForm
|
from symposion.proposals.forms import (
|
||||||
|
AddSpeakerForm, SupportingDocumentCreateForm
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def get_form(name):
|
def get_form(name):
|
||||||
|
@ -37,21 +41,21 @@ def proposal_submit(request):
|
||||||
request.user.speaker_profile
|
request.user.speaker_profile
|
||||||
except ObjectDoesNotExist:
|
except ObjectDoesNotExist:
|
||||||
return redirect("dashboard")
|
return redirect("dashboard")
|
||||||
|
|
||||||
kinds = []
|
kinds = []
|
||||||
for proposal_section in ProposalSection.available():
|
for proposal_section in ProposalSection.available():
|
||||||
for kind in proposal_section.section.proposal_kinds.all():
|
for kind in proposal_section.section.proposal_kinds.all():
|
||||||
kinds.append(kind)
|
kinds.append(kind)
|
||||||
|
|
||||||
return render(request, "proposals/proposal_submit.html", {
|
return render(request, "proposals/proposal_submit.html", {
|
||||||
"kinds": kinds,
|
"kinds": kinds,
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
||||||
def proposal_submit_kind(request, kind_slug):
|
def proposal_submit_kind(request, kind_slug):
|
||||||
|
|
||||||
kind = get_object_or_404(ProposalKind, slug=kind_slug)
|
kind = get_object_or_404(ProposalKind, slug=kind_slug)
|
||||||
|
|
||||||
if not request.user.is_authenticated():
|
if not request.user.is_authenticated():
|
||||||
return redirect("home") # @@@ unauth'd speaker info page?
|
return redirect("home") # @@@ unauth'd speaker info page?
|
||||||
else:
|
else:
|
||||||
|
@ -59,12 +63,12 @@ def proposal_submit_kind(request, kind_slug):
|
||||||
speaker_profile = request.user.speaker_profile
|
speaker_profile = request.user.speaker_profile
|
||||||
except ObjectDoesNotExist:
|
except ObjectDoesNotExist:
|
||||||
return redirect("dashboard")
|
return redirect("dashboard")
|
||||||
|
|
||||||
if not kind.section.proposalsection.is_available():
|
if not kind.section.proposalsection.is_available():
|
||||||
return redirect("proposal_submit")
|
return redirect("proposal_submit")
|
||||||
|
|
||||||
form_class = get_form(settings.PROPOSAL_FORMS[kind_slug])
|
form_class = get_form(settings.PROPOSAL_FORMS[kind_slug])
|
||||||
|
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
form = form_class(request.POST)
|
form = form_class(request.POST)
|
||||||
if form.is_valid():
|
if form.is_valid():
|
||||||
|
@ -79,7 +83,7 @@ def proposal_submit_kind(request, kind_slug):
|
||||||
return redirect("dashboard")
|
return redirect("dashboard")
|
||||||
else:
|
else:
|
||||||
form = form_class()
|
form = form_class()
|
||||||
|
|
||||||
return render(request, "proposals/proposal_submit_kind.html", {
|
return render(request, "proposals/proposal_submit_kind.html", {
|
||||||
"kind": kind,
|
"kind": kind,
|
||||||
"form": form,
|
"form": form,
|
||||||
|
@ -91,17 +95,17 @@ def proposal_speaker_manage(request, pk):
|
||||||
queryset = ProposalBase.objects.select_related("speaker")
|
queryset = ProposalBase.objects.select_related("speaker")
|
||||||
proposal = get_object_or_404(queryset, pk=pk)
|
proposal = get_object_or_404(queryset, pk=pk)
|
||||||
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
|
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
|
||||||
|
|
||||||
if proposal.speaker != request.user.speaker_profile:
|
if proposal.speaker != request.user.speaker_profile:
|
||||||
raise Http404()
|
raise Http404()
|
||||||
|
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
add_speaker_form = AddSpeakerForm(request.POST, proposal=proposal)
|
add_speaker_form = AddSpeakerForm(request.POST, proposal=proposal)
|
||||||
if add_speaker_form.is_valid():
|
if add_speaker_form.is_valid():
|
||||||
message_ctx = {
|
message_ctx = {
|
||||||
"proposal": proposal,
|
"proposal": proposal,
|
||||||
}
|
}
|
||||||
|
|
||||||
def create_speaker_token(email_address):
|
def create_speaker_token(email_address):
|
||||||
# create token and look for an existing speaker to prevent
|
# create token and look for an existing speaker to prevent
|
||||||
# duplicate tokens and confusing the pending speaker
|
# duplicate tokens and confusing the pending speaker
|
||||||
|
@ -110,8 +114,8 @@ def proposal_speaker_manage(request, pk):
|
||||||
Q(user=None, invite_email=email_address)
|
Q(user=None, invite_email=email_address)
|
||||||
)
|
)
|
||||||
except Speaker.DoesNotExist:
|
except Speaker.DoesNotExist:
|
||||||
salt = sha_constructor(str(random.random())).hexdigest()[:5]
|
salt = sha256(str(random.random())).hexdigest()[:5]
|
||||||
token = sha_constructor(salt + email_address).hexdigest()
|
token = sha256(salt + email_address).hexdigest()
|
||||||
pending = Speaker.objects.create(
|
pending = Speaker.objects.create(
|
||||||
invite_email=email_address,
|
invite_email=email_address,
|
||||||
invite_token=token,
|
invite_token=token,
|
||||||
|
@ -173,14 +177,14 @@ def proposal_edit(request, pk):
|
||||||
|
|
||||||
if request.user != proposal.speaker.user:
|
if request.user != proposal.speaker.user:
|
||||||
raise Http404()
|
raise Http404()
|
||||||
|
|
||||||
if not proposal.can_edit():
|
if not proposal.can_edit():
|
||||||
ctx = {
|
ctx = {
|
||||||
"title": "Proposal editing closed",
|
"title": "Proposal editing closed",
|
||||||
"body": "Proposal editing is closed for this session type."
|
"body": "Proposal editing is closed for this session type."
|
||||||
}
|
}
|
||||||
return render(request, "proposals/proposal_error.html", ctx)
|
return render(request, "proposals/proposal_error.html", ctx)
|
||||||
|
|
||||||
form_class = get_form(settings.PROPOSAL_FORMS[proposal.kind.slug])
|
form_class = get_form(settings.PROPOSAL_FORMS[proposal.kind.slug])
|
||||||
|
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
|
@ -206,7 +210,7 @@ def proposal_edit(request, pk):
|
||||||
return redirect("proposal_detail", proposal.pk)
|
return redirect("proposal_detail", proposal.pk)
|
||||||
else:
|
else:
|
||||||
form = form_class(instance=proposal)
|
form = form_class(instance=proposal)
|
||||||
|
|
||||||
return render(request, "proposals/proposal_edit.html", {
|
return render(request, "proposals/proposal_edit.html", {
|
||||||
"proposal": proposal,
|
"proposal": proposal,
|
||||||
"form": form,
|
"form": form,
|
||||||
|
@ -218,22 +222,22 @@ def proposal_detail(request, pk):
|
||||||
queryset = ProposalBase.objects.select_related("speaker", "speaker__user")
|
queryset = ProposalBase.objects.select_related("speaker", "speaker__user")
|
||||||
proposal = get_object_or_404(queryset, pk=pk)
|
proposal = get_object_or_404(queryset, pk=pk)
|
||||||
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
|
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
|
||||||
|
|
||||||
if request.user not in [p.user for p in proposal.speakers()]:
|
if request.user not in [p.user for p in proposal.speakers()]:
|
||||||
raise Http404()
|
raise Http404()
|
||||||
|
|
||||||
if "symposion.reviews" in settings.INSTALLED_APPS:
|
if "symposion.reviews" in settings.INSTALLED_APPS:
|
||||||
from symposion.reviews.forms import SpeakerCommentForm
|
from symposion.reviews.forms import SpeakerCommentForm
|
||||||
message_form = SpeakerCommentForm()
|
message_form = SpeakerCommentForm()
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
message_form = SpeakerCommentForm(request.POST)
|
message_form = SpeakerCommentForm(request.POST)
|
||||||
if message_form.is_valid():
|
if message_form.is_valid():
|
||||||
|
|
||||||
message = message_form.save(commit=False)
|
message = message_form.save(commit=False)
|
||||||
message.user = request.user
|
message.user = request.user
|
||||||
message.proposal = proposal
|
message.proposal = proposal
|
||||||
message.save()
|
message.save()
|
||||||
|
|
||||||
ProposalMessage = SpeakerCommentForm.Meta.model
|
ProposalMessage = SpeakerCommentForm.Meta.model
|
||||||
reviewers = User.objects.filter(
|
reviewers = User.objects.filter(
|
||||||
id__in=ProposalMessage.objects.filter(
|
id__in=ProposalMessage.objects.filter(
|
||||||
|
@ -242,7 +246,7 @@ def proposal_detail(request, pk):
|
||||||
user=request.user
|
user=request.user
|
||||||
).distinct().values_list("user", flat=True)
|
).distinct().values_list("user", flat=True)
|
||||||
)
|
)
|
||||||
|
|
||||||
for reviewer in reviewers:
|
for reviewer in reviewers:
|
||||||
ctx = {
|
ctx = {
|
||||||
"proposal": proposal,
|
"proposal": proposal,
|
||||||
|
@ -253,13 +257,13 @@ def proposal_detail(request, pk):
|
||||||
[reviewer.email], "proposal_new_message",
|
[reviewer.email], "proposal_new_message",
|
||||||
context=ctx
|
context=ctx
|
||||||
)
|
)
|
||||||
|
|
||||||
return redirect(request.path)
|
return redirect(request.path)
|
||||||
else:
|
else:
|
||||||
message_form = SpeakerCommentForm()
|
message_form = SpeakerCommentForm()
|
||||||
else:
|
else:
|
||||||
message_form = None
|
message_form = None
|
||||||
|
|
||||||
return render(request, "proposals/proposal_detail.html", {
|
return render(request, "proposals/proposal_detail.html", {
|
||||||
"proposal": proposal,
|
"proposal": proposal,
|
||||||
"message_form": message_form
|
"message_form": message_form
|
||||||
|
@ -271,7 +275,7 @@ def proposal_cancel(request, pk):
|
||||||
queryset = ProposalBase.objects.select_related("speaker")
|
queryset = ProposalBase.objects.select_related("speaker")
|
||||||
proposal = get_object_or_404(queryset, pk=pk)
|
proposal = get_object_or_404(queryset, pk=pk)
|
||||||
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
|
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
|
||||||
|
|
||||||
if proposal.speaker.user != request.user:
|
if proposal.speaker.user != request.user:
|
||||||
return HttpResponseForbidden()
|
return HttpResponseForbidden()
|
||||||
|
|
||||||
|
@ -281,7 +285,7 @@ def proposal_cancel(request, pk):
|
||||||
# @@@ fire off email to submitter and other speakers
|
# @@@ fire off email to submitter and other speakers
|
||||||
messages.success(request, "%s has been cancelled" % proposal.title)
|
messages.success(request, "%s has been cancelled" % proposal.title)
|
||||||
return redirect("dashboard")
|
return redirect("dashboard")
|
||||||
|
|
||||||
return render(request, "proposals/proposal_cancel.html", {
|
return render(request, "proposals/proposal_cancel.html", {
|
||||||
"proposal": proposal,
|
"proposal": proposal,
|
||||||
})
|
})
|
||||||
|
@ -339,10 +343,10 @@ def document_create(request, proposal_pk):
|
||||||
queryset = ProposalBase.objects.select_related("speaker")
|
queryset = ProposalBase.objects.select_related("speaker")
|
||||||
proposal = get_object_or_404(queryset, pk=proposal_pk)
|
proposal = get_object_or_404(queryset, pk=proposal_pk)
|
||||||
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
|
proposal = ProposalBase.objects.get_subclass(pk=proposal.pk)
|
||||||
|
|
||||||
if proposal.cancelled:
|
if proposal.cancelled:
|
||||||
return HttpResponseForbidden()
|
return HttpResponseForbidden()
|
||||||
|
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
form = SupportingDocumentCreateForm(request.POST, request.FILES)
|
form = SupportingDocumentCreateForm(request.POST, request.FILES)
|
||||||
if form.is_valid():
|
if form.is_valid():
|
||||||
|
@ -353,7 +357,7 @@ def document_create(request, proposal_pk):
|
||||||
return redirect("proposal_detail", proposal.pk)
|
return redirect("proposal_detail", proposal.pk)
|
||||||
else:
|
else:
|
||||||
form = SupportingDocumentCreateForm()
|
form = SupportingDocumentCreateForm()
|
||||||
|
|
||||||
return render(request, "proposals/document_create.html", {
|
return render(request, "proposals/document_create.html", {
|
||||||
"proposal": proposal,
|
"proposal": proposal,
|
||||||
"form": form,
|
"form": form,
|
||||||
|
@ -378,8 +382,8 @@ def document_download(request, pk, *args):
|
||||||
def document_delete(request, pk):
|
def document_delete(request, pk):
|
||||||
document = get_object_or_404(SupportingDocument, pk=pk, uploaded_by=request.user)
|
document = get_object_or_404(SupportingDocument, pk=pk, uploaded_by=request.user)
|
||||||
proposal_pk = document.proposal.pk
|
proposal_pk = document.proposal.pk
|
||||||
|
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
document.delete()
|
document.delete()
|
||||||
|
|
||||||
return redirect("proposal_detail", proposal_pk)
|
return redirect("proposal_detail", proposal_pk)
|
||||||
|
|
Loading…
Reference in a new issue