From: Guillaume Subiron <maethor@subiron.org>
Date: Mon, 4 Jun 2012 14:12:25 +0000 (+0200)
Subject: Many improvment in votes
X-Git-Url: http://git.heureux-cyclage.org/?p=cavote.git;a=commitdiff_plain;h=9a0891ac3f5ae69cd1e276931401516b3213df4c

Many improvment in votes
---

diff --git a/main.py b/main.py
index dca985f..e2e7d81 100755
--- a/main.py
+++ b/main.py
@@ -61,6 +61,15 @@ def disconnect_user():
 def crypt(passwd):
     return hashlib.sha1(passwd).hexdigest() 
 
+def get_userid():
+    user = session.get('user')
+    if user is None: 
+        return -1
+    elif not user.get('id') > 0:
+        return -1
+    else:
+        return user.get('id')
+
 @app.route('/login', methods=['GET', 'POST'])
 def login():
     if request.method == 'POST':
@@ -110,14 +119,14 @@ def login_key(userid, key):
 
 @app.route('/user/<userid>')
 def user(userid):
-    if int(userid) != session.get('user').get('id'):
+    if int(userid) != get_userid():
         abort(401)
     groups = query_db('select * from roles join user_role on id=id_role where id_user = ?', userid)
     return render_template('user.html', groups=groups)
 
 @app.route('/user/settings/<userid>', methods=['GET', 'POST'])
 def user_edit(userid):
-    if int(userid) != session.get('user').get('id'):
+    if int(userid) != get_userid():
         abort(401)
     if request.method == 'POST':
         if query_db('select * from users where email=? and id!=?', [request.form['email'], userid], one=True) is None:
@@ -140,7 +149,7 @@ def user_edit(userid):
 
 @app.route('/user/password/<userid>', methods=['GET', 'POST'])
 def user_password(userid):
-    if int(userid) != session.get('user').get('id'):
+    if int(userid) != get_userid():
         abort(401)
     if request.method == 'POST':
         if request.form['password'] == request.form['password2']:
@@ -262,27 +271,35 @@ def votes(votes):
 # Vote
 
 def can_see_vote(idvote, iduser=-1):
-    user = query_db('select * from users where id=?', [iduser], one=True)
     vote = query_db('select * from votes where id=?', [idvote], one=True)
-    if user is None and not vote.is_public:
-        return False
-    return True # :TODO:maethor:120529: Check others things
+    if vote is None:
+        abort(404)
+    if not vote['is_public']:
+        user = query_db('select * from users where id=?', [iduser], one=True)
+        if user is None: # :TODO:maethor:120604: Check others things (groups)
+            return False
+    return True
 
 def can_vote(idvote, iduser=-1):
-    # :TODO:maethor:120604: Check if user has'nt already vote
-    if not can_see_vote(idvote, iduser):
-        return False
-    return True # :TODO:maethor:120529: Check others things
+    if iduser > 0: 
+        if can_see_vote(idvote, iduser): 
+            if not has_voted(idvote, iduser):
+                return True # :TODO:maethor:120529: Check others things (groups)
+    return False
+
+def has_voted(idvote, iduser=-1):
+    vote = query_db('select * from user_choice join choices on id_choice=choices.id where id_vote = ? and id_user = ?', [idvote, iduser], one=True)
+    return (vote is not None)
 
 @app.route('/vote/<idvote>', methods=['GET', 'POST'])
 def vote(idvote):
     vote = query_db('select *, roles.name as rolename from votes join roles on roles.id=votes.id_role where votes.id=?', [idvote], one=True)
     if vote is None:
         abort(404)
-    if can_see_vote(idvote, session.get('user').get('id')):
-        choices = query_db('select name, id from choices where id_vote=?', [idvote])
+    if can_see_vote(idvote, get_userid()):
         if request.method == 'POST':
-            if can_vote(idvote, session.get('user').get('id')):
+            if can_vote(idvote, get_userid()):
+                choices = query_db('select name, id from choices where id_vote=?', [idvote])
                 for choice in choices:
                     if str(choice['id']) in request.form.keys():
                         g.db.execute('insert into user_choice (id_user, id_choice) values (?, ?)', 
@@ -296,23 +313,27 @@ def vote(idvote):
         users = dict()
         for t in tuples:
             if t['userid'] in users:
-                choice = dict()
-                choice['id'] = t['choiceid']
-                choice['name'] = t['choicename']
-                users[t['userid']]['choices'].append(choice)
+                users[t['userid']]['choices'].append(t['choiceid'])
             else:
                 users[t['userid']] = dict()
                 users[t['userid']]['userid'] = t['userid']
                 users[t['userid']]['username'] = t['username']
-                choice = dict()
-                choice['id'] = t['choiceid']
-                choice['name'] = t['choicename']
-                users[t['userid']]['choices'] = [choice]
+                users[t['userid']]['choices'] = [t['choiceid']]
+        choices = query_db('select choices.name, choices.id, choices.name, choices.id_vote, count(id_choice) as nb from choices left join user_choice on id_choice = choices.id where id_vote = ? group by id_choice, name, id_vote', [idvote])
         attachments = query_db('select * from attachments where id_vote=?', [idvote])
-        return render_template('vote.html', vote=vote, attachments=attachments, choices=choices, users=users.values(), can_vote=can_vote(idvote, session.get('user').get('id')))
+        return render_template('vote.html', vote=vote, attachments=attachments, choices=choices, users=users.values(), can_vote=can_vote(idvote, get_userid()))
     flash('Vous n\'avez pas le droit de voir ce vote, désolé.')
     return(url_for('home'))
 
+@app.route('/vote/deletechoices/<idvote>/<iduser>')
+def vote_deletechoices(idvote):
+    if (not has_voted(idvote, get_userid())) or iduser != get_userid():
+        abort(401)
+    g.db.execute('delete from user_choice where id_user = ? and id_choice in (select id from choices where id_vote = ?)',
+        [iduser, idvote])
+    g.db.commit()
+    return redirect(url_for('vote', idvote=idvote))
+
 #-------------
 # Votes admin
 
diff --git a/static/css/cavote.css b/static/css/cavote.css
new file mode 100644
index 0000000..ac17021
--- /dev/null
+++ b/static/css/cavote.css
@@ -0,0 +1,34 @@
+.table-votes th {
+    text-align: right;
+}
+
+.table-votes input {
+    margin: 0;
+}
+
+.table-votes td {
+    text-align: center;
+}
+
+.table-votes .yes {
+    background-color: #46a546; /* green */
+    /*background-color: #049cdb;*/ /* blue */
+    color: white;
+    font-weight: bold;
+}
+
+.table-votes .no {
+    background-color: #9d261d; /* red */
+    color: white;
+    font-weight: bold;
+}
+
+.table-votes tr:hover .yes {
+    /*background-color: #60C160; [> green <]*/
+    background-color: #55ab55; /* green */
+    /*background-color: #049cdb;*/ /* blue */
+}
+
+.table-votes tr:hover .no {
+    background-color: #C73F38; /* red */
+}
diff --git a/templates/layout.html b/templates/layout.html
index 1c6f7bd..a73f0e6 100644
--- a/templates/layout.html
+++ b/templates/layout.html
@@ -8,6 +8,7 @@
     <link rel="shortcut icon" href="favicon.ico"> -->
     <!-- ma template.css -->
     <link rel=stylesheet type=text/css href="{{ url_for('static', filename='css/bootstrap.css') }}">
+    <link rel=stylesheet type=text/css href="{{ url_for('static', filename='css/cavote.css') }}">
     <!-- css javascript -->
     <link rel=stylesheet type=text/css href="{{ url_for('static', filename='css/jquery.ui.all.css') }}">
     <!-- javascript -->
diff --git a/templates/vote.html b/templates/vote.html
index fd93e5b..47b1d29 100644
--- a/templates/vote.html
+++ b/templates/vote.html
@@ -3,7 +3,12 @@
 <div class="row">
 <div class="span9">
 <h2 class='page-header'>{{ vote.title }}</h2>
-<table class="table table-condensed table-striped table-bordered">
+
+{% if not vote.is_transparent %}
+<div class="alert alert-info">Ce sondage n'est pas transparent, vous ne pouvez pas voir les votes des autres.</div>
+{% endif %}
+
+<table class="table table-condensed table-bordered table-votes">
   <thead>
     <tr>
       <th></th>
@@ -15,24 +20,25 @@
   </thead>
 
   <tbody>
-  {% if vote.is_transparent %}
   {% for user in users %}
+  {% if vote.is_transparent or user.userid == session.user.id %}
     <tr>
-      <td>{{ user.username }}</td>
+      <th>{% if 'user' in session and user.userid == session.user.id %}<i class="icon-user"></i>{% endif %} {{ user.username }}</th>
       {% for choice in choices %}
-      <th>{% if choice in user.choices %}OUI{% else %}NON{% endif %}</th>
+      {% if choice.id in user.choices %}
+      <td class="yes">OUI</td>
+      {% else %}
+      <td class="no"></td>{% endif %}
       {% endfor %}
+      <td>{% if 'user' in session and user.userid == session.user.id %}<a href="{{ url_for('vote_deletechoices', idvote=vote.id, iduser=session.user.id) }}" class="btn btn-mini btn-danger" title="Supprimer">X</a>{% endif %}</td>
     </tr>
-  {% endfor %}
-  {% else %}
-    <div class="alert alert-info">Ce sondage n'est pas transparent, vous ne pouvez pas voir les votes des autres.</div>
-    <!-- :TODO:maethor:20120528: Afficher le vote de l'utilisateur -->
   {% endif %}
+  {% endfor %}
 
   {% if can_vote %}
     <form class="form-inline" action="{{ url_for('vote', idvote=vote.id) }}" method="post">
     <tr>
-      <td><input type='text' name="username" value='{{ session.user.name }}' disabled /></td>
+      <th><input type='text' name="username" value='{{ session.user.name }}' disabled /></th>
       {% if vote.is_multiple %}
       {% for choice in choices %}
       <td><input type='checkbox' name="{{ choice.id }}" /></td>
@@ -47,12 +53,13 @@
     </form>
   {% endif %}
   </tbody>
+
   <tfoot>
   {% if vote.is_transparent %}
     <tr>
-      <td style="text-align: right">Somme</td>
+      <th>Somme</th>
       {% for choice in choices %}
-      <td>nb</td>
+      <td>{{ choice.nb }}</td>
       {% endfor %}
       <td></td>
     </tr>