can_vote and can_see_vote supports groups, plus some debug

diff --git a/main.py b/main.py
index bb092ac..e86e453 100755 (executable)
--- a/main.py
+++ b/main.py
@@ -293,7 +293,7 @@ def votes(votes):
     max_votes ='select id_group, count(*) as max_votes from user_group group by id_group'
     basequery = 'select votes.*, max_votes from votes join (' + max_votes + ') as max_votes on votes.id_group = max_votes.id_group'
     nb_votes = 'select id_vote, count(*) as nb_votes from (select id_user, id_vote from user_choice join choices on id_choice = choices.id group by id_user, id_vote) group by id_vote'
-    basequery = 'select * from (' + basequery + ') join (' + nb_votes + ') on id = id_vote'
+    basequery = 'select * from (' + basequery + ') left join (' + nb_votes + ') on id = id_vote'
     basequery = 'select *, votes.id as voteid, groups.name as groupname from (' + basequery + ') as votes join groups on groups.id = id_group where is_open=1'
     if votes == 'all':
         votes = query_db(basequery + ' order by id desc')
@@ -304,6 +304,8 @@ def votes(votes):
     else:
         abort(404)
     for vote in votes:
+        if not vote.get('nb_votes'):
+            vote['nb_votes'] = 0 
         vote['percent'] = int((float(vote['nb_votes']) / float(vote['max_votes'])) * 100)
     return render_template('votes.html', votes=votes, active_button=active_button)
 
@@ -313,18 +315,24 @@ def votes(votes):
 def can_see_vote(idvote, iduser=-1):
     vote = query_db('select * from votes where id=?', [idvote], one=True)
     if vote is None:
-        abort(404)
+        return False
     if not vote['is_public']:
         user = query_db('select * from users where id=?', [iduser], one=True)
-        if user is None: # :TODO:maethor:120604: Check others things (groups)
+        if query_db('select * from user_group where id_user = ? and id_group = ?', [iduser, vote['id']], one=True) is None:
             return False
     return True
 
+
+
 def can_vote(idvote, iduser=-1):
+    vote = query_db('select * from votes where id=?', [idvote], one=True)
+    if vote is None:
+        return False
     if iduser > 0: 
         if can_see_vote(idvote, iduser): 
             if not has_voted(idvote, iduser):
-                return True # :TODO:maethor:120529: Check others things (groups)
+                if query_db('select * from user_group where id_user = ? and id_group = ?', [iduser, vote['id']], one=True):
+                    return True
     return False
 
 def has_voted(idvote, iduser=-1):
@@ -373,8 +381,8 @@ def vote(idvote):
                 vote['nb_votes'] = tmp['nb']
                 vote['percent'] = int((float(vote['nb_votes']) / float(vote['max_votes'])) * 100)
         return render_template('vote.html', vote=vote, attachments=attachments, choices=choices, users=users.values(), can_vote=can_vote(idvote, get_userid()))
-    flash('Vous n\'avez pas le droit de voir ce vote, désolé.')
-    return(url_for('home'))
+    flash(u'Vous n\'avez pas le droit de voir ce vote, désolé.')
+    return redirect(url_for('home'))
 
 @app.route('/vote/deletechoices/<idvote>/<iduser>')
 def vote_deletechoices(idvote, iduser):