From fd2cb2ee0b54243f5212cff41b287d31adf3b6dc Mon Sep 17 00:00:00 2001 From: Bibhas Date: Tue, 26 Jun 2018 13:59:31 +0530 Subject: [PATCH 1/2] reverted and fixed current_auth booleans --- hasjob/forms/jobpost.py | 2 +- hasjob/templates/detail.html.jinja2 | 12 ++++---- hasjob/templates/layout.html.jinja2 | 12 ++++---- hasjob/templates/postjob.html.jinja2 | 2 +- hasjob/templates/related_posts.html.jinja2 | 2 +- hasjob/views/campaign.py | 8 +++--- hasjob/views/helper.py | 8 +++--- hasjob/views/index.py | 16 +++++------ hasjob/views/listing.py | 32 +++++++++++----------- 9 files changed, 47 insertions(+), 47 deletions(-) diff --git a/hasjob/forms/jobpost.py b/hasjob/forms/jobpost.py index d9816e406..0dab38234 100644 --- a/hasjob/forms/jobpost.py +++ b/hasjob/forms/jobpost.py @@ -382,7 +382,7 @@ class ApplicationForm(forms.Form): def __init__(self, *args, **kwargs): super(ApplicationForm, self).__init__(*args, **kwargs) self.apply_email.choices = [] - if current_auth: + if current_auth.not_anonymous: self.apply_email.description = Markup( _(u'Add new email addresses from your profile').format( g.user.profile_url)) diff --git a/hasjob/templates/detail.html.jinja2 b/hasjob/templates/detail.html.jinja2 index ac22c87a7..7077a5ae4 100644 --- a/hasjob/templates/detail.html.jinja2 +++ b/hasjob/templates/detail.html.jinja2 @@ -105,7 +105,7 @@
{% if not g.kiosk %}
- {%- if current_auth %} + {%- if current_auth.not_anonymous %} {% if g.user.has_starred_post(post) %}    @@ -142,7 +142,7 @@
{%- endif %} - {%- if is_siteadmin or (current_auth and g.board and g.board.owner_is(g.user)) %} + {%- if is_siteadmin or (current_auth.not_anonymous and g.board and g.board.owner_is(g.user)) %}
{%- endif %} - {%- if current_auth and g.user.flags.has_boards %} + {%- if current_auth.not_anonymous and g.user.flags.has_boards %}
   Add to board @@ -275,7 +275,7 @@

{%- if post.state.DRAFT %}{# Always show when in draft state #} {{ post.how_to_apply|hideemail }} - {%- elif current_auth %} + {%- elif current_auth.not_anonymous %} Show instructions {%- else %} Login with Google or GitHub @@ -285,7 +285,7 @@

{%- endif %}
- {%- if not post.state.DRAFT and (current_auth or g.kiosk) and applyform %} + {%- if not post.state.DRAFT and (current_auth.not_anonymous or g.kiosk) and applyform %} {%- endif %} diff --git a/hasjob/templates/layout.html.jinja2 b/hasjob/templates/layout.html.jinja2 index 564a06956..b0aa4f58f 100644 --- a/hasjob/templates/layout.html.jinja2 +++ b/hasjob/templates/layout.html.jinja2 @@ -7,7 +7,7 @@ - + {%- endblock -%} {%- block titletags %} @@ -218,16 +218,16 @@ {% endmacro %} {% if not g.kiosk %} {% with site_links=[], user_links = [] %} - {%- if current_auth and g.user.flags.is_candidate_alltime %} + {%- if current_auth.not_anonymous and g.user.flags.is_candidate_alltime %} {% set user_links = user_links + [{'title': "Applied jobs", 'url': url_for('applied')}] %} {%- endif %} - {%- if current_auth %} + {%- if current_auth.not_anonymous %} {% set user_links = user_links + [{'title': "Bookmarks", 'url': url_for('bookmarks')}] %} {%- endif %} - {%- if current_auth and g.user.flags.is_employer_alltime %} + {%- if current_auth.not_anonymous and g.user.flags.is_employer_alltime %} {% set user_links = user_links + [{'title': "My posts", 'url': url_for('my_posts')}] %} {%- endif %} - {%- if current_auth and g.user.flags.has_jobpost_unconfirmed_month %} + {%- if current_auth.not_anonymous and g.user.flags.has_jobpost_unconfirmed_month %} {% set user_links = user_links + [{'title': "Drafts", 'url': url_for('browse_drafts')}] %} {%- endif %} {%- if is_siteadmin %} @@ -273,7 +273,7 @@ to find out when new jobs are posted. Hosted by E2E Networks. {%- endif %} - {%- if not current_auth and not g.anon_user %} + {%- if not current_auth %} {%- endif %}

diff --git a/hasjob/templates/postjob.html.jinja2 b/hasjob/templates/postjob.html.jinja2 index b1f2fb9be..1716e32a5 100644 --- a/hasjob/templates/postjob.html.jinja2 +++ b/hasjob/templates/postjob.html.jinja2 @@ -101,7 +101,7 @@ {%- else %} {#{{ renderfield(form.poster_name) }}-#} {# Deprecated 2013-11-20 -#} {{ renderfield(form.poster_email) }} - {%- if current_auth %} + {%- if current_auth.not_anonymous %}

Only you, {{ g.user.fullname }}, will be able to respond to candidates. To allow others to respond, add them as a collaborator. diff --git a/hasjob/templates/related_posts.html.jinja2 b/hasjob/templates/related_posts.html.jinja2 index 7186efc26..0dedd7e3e 100644 --- a/hasjob/templates/related_posts.html.jinja2 +++ b/hasjob/templates/related_posts.html.jinja2 @@ -2,7 +2,7 @@ {%- if related_posts %} {%- for post in related_posts -%}

  • - {{ stickie(post, post.url_for(), false, get_post_viewcounts, show_viewcounts=is_siteadmin or current_auth and g.user.flags.is_employer_month, show_pay=is_siteadmin, starred=current_auth and post.id in g.starred_ids) }} + {{ stickie(post, post.url_for(), false, get_post_viewcounts, show_viewcounts=is_siteadmin or current_auth.not_anonymous and g.user.flags.is_employer_month, show_pay=is_siteadmin, starred=current_auth.not_anonymous and post.id in g.starred_ids) }}
  • {%- endfor -%} {%- endif %} diff --git a/hasjob/views/campaign.py b/hasjob/views/campaign.py index d2077eb9e..599376e4f 100644 --- a/hasjob/views/campaign.py +++ b/hasjob/views/campaign.py @@ -180,7 +180,7 @@ def action_new(self, **kwargs): @route('views.csv') def view_counts(self, **kwargs): campaign = self.obj - timezone = current_auth.actor.timezone if current_auth else 'UTC' + timezone = current_auth.actor.timezone if current_auth.not_anonymous else 'UTC' viewdict = defaultdict(dict) interval = chart_interval_for(campaign) @@ -332,7 +332,7 @@ def csv(self, **kwargs): def campaign_action_redirect(campaign, action): if action.type != CAMPAIGN_ACTION.LINK: abort(405) - if current_auth: + if current_auth.not_anonymous: cua = CampaignUserAction.get(action, g.user) if not cua: cua = CampaignUserAction(action=action, user=g.user) @@ -362,7 +362,7 @@ def campaign_action(campaign): dismissed = 'dismiss' in request.form if dismissed: - if current_auth: + if current_auth.not_anonymous: view = campaign.view_for(g.user) if view: view.dismissed = True @@ -382,7 +382,7 @@ def campaign_action(campaign): campaign=campaign, message=Markup("

    Unknown action selected

    ")) cua = None - if current_auth: + if current_auth.not_anonymous: cua = CampaignUserAction.get(action, g.user) if not cua: cua = CampaignUserAction(action=action, user=g.user) diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py index 23a610386..545df81ef 100644 --- a/hasjob/views/helper.py +++ b/hasjob/views/helper.py @@ -46,7 +46,7 @@ def index_is_paginated(): def has_post_stats(post): is_siteadmin = lastuser.has_permission('siteadmin') - return is_siteadmin or post.admin_is(g.user) or (current_auth and g.user.flags.get('is_employer_month')) + return is_siteadmin or post.admin_is(g.user) or (current_auth.not_anonymous and g.user.flags.get('is_employer_month')) @form_validation_success.connect @@ -128,7 +128,7 @@ def load_user_data(user): g.anon_user = anon_user # Prepare event session if it's not already present - if current_auth or g.anon_user and not g.esession: + if current_auth and not g.esession: g.esession = EventSession.get_session(uuid=session.get('es'), user=g.user, anon_user=g.anon_user) if g.esession: session['es'] = g.esession.uuid @@ -254,7 +254,7 @@ def record_views_and_events(response): if g.impressions: g.event_data['impressions'] = g.impressions.values() - if current_auth: + if current_auth.not_anonymous: for campaign in g.campaign_views: if not CampaignView.exists(campaign, g.user): db.session.begin_nested() @@ -278,7 +278,7 @@ def record_views_and_events(response): campaign_view_count_update.delay(campaign_id=campaign.id, anon_user_id=g.anon_user.id) if g.esession: # Will be None for anon static requests - if current_auth or g.anon_user: + if current_auth: ue = UserEvent.new_from_request(request) else: ue = UserEventBase.new_from_request(request) diff --git a/hasjob/views/index.py b/hasjob/views/index.py index b9feedac5..931158537 100644 --- a/hasjob/views/index.py +++ b/hasjob/views/index.py @@ -76,16 +76,16 @@ def json_index(data): for pinned, post, is_bgroup in group: rgroup['posts'].append(stickie_dict( post=post, url=post.url_for(b=is_bgroup), pinned=pinned, is_bgroup=is_bgroup, - show_viewcounts=is_siteadmin or current_auth and g.user.flags.get('is_employer_month'), - show_pay=is_siteadmin, starred=current_auth and post.id in g.starred_ids + show_viewcounts=is_siteadmin or current_auth.not_anonymous and g.user.flags.get('is_employer_month'), + show_pay=is_siteadmin, starred=current_auth.not_anonymous and post.id in g.starred_ids )) result['grouped'].append(rgroup) if pinsandposts: for pinned, post, is_bgroup in pinsandposts: result['posts'].append(stickie_dict( post=post, url=post.url_for(b=is_bgroup), pinned=pinned, is_bgroup=is_bgroup, - show_viewcounts=is_siteadmin or current_auth and g.user.flags.get('is_employer_month'), - show_pay=is_siteadmin, starred=current_auth and post.id in g.starred_ids + show_viewcounts=is_siteadmin or current_auth.not_anonymous and g.user.flags.get('is_employer_month'), + show_pay=is_siteadmin, starred=current_auth.not_anonymous and post.id in g.starred_ids )) return jsonify(result) @@ -373,7 +373,7 @@ def index(basequery=None, filters={}, md5sum=None, tag=None, domain=None, locati is_index = True else: is_index = False - if basequery is None and not (current_auth or g.kiosk or (board and not board.require_login)): + if basequery is None and not (current_auth.not_anonymous or g.kiosk or (board and not board.require_login)): showall = False batched = False @@ -404,12 +404,12 @@ def index(basequery=None, filters={}, md5sum=None, tag=None, domain=None, locati # For logging g.event_data['filters'] = data['data_filters'] - if current_auth: + if current_auth.not_anonymous: g.starred_ids = set(g.user.starred_job_ids(agelimit if not ageless else None)) else: g.starred_ids = set() - if is_siteadmin or (current_auth and g.user.flags.get('is_employer_month')): + if is_siteadmin or (current_auth.not_anonymous and g.user.flags.get('is_employer_month')): load_viewcounts(data['posts']) show_viewcounts = True else: @@ -435,7 +435,7 @@ def index(basequery=None, filters={}, md5sum=None, tag=None, domain=None, locati # Test values for development: # if not g.user_geonameids: # g.user_geonameids = [1277333, 1277331, 1269750] - if not location and 'l' not in request.args and g.user_geonameids and (current_auth or g.anon_user) and ( + if not location and 'l' not in request.args and g.user_geonameids and current_auth and ( (not g.board.auto_locations) if g.board else True): # No location filters? Prompt the user ldata = location_geodata(g.user_geonameids) diff --git a/hasjob/views/listing.py b/hasjob/views/listing.py index ba25c8237..d1efef29f 100644 --- a/hasjob/views/listing.py +++ b/hasjob/views/listing.py @@ -58,11 +58,11 @@ def jobdetail(domain, hashid): return redirect(post.url_for(), code=301) if post.state.UNPUBLISHED: - if not (current_auth and post.admin_is(g.user)): + if not (current_auth.not_anonymous and post.admin_is(g.user)): abort(403) if post.state.GONE: abort(410) - if current_auth: + if current_auth.not_anonymous: jobview = UserJobView.get(post, g.user) if jobview is None: jobview = UserJobView(user=g.user, jobpost=post) @@ -87,7 +87,7 @@ def jobdetail(domain, hashid): except IntegrityError: db.session.rollback() - if current_auth: + if current_auth.not_anonymous: report = JobPostReport.query.filter_by(post=post, user=g.user).first() else: report = None @@ -106,7 +106,7 @@ def jobdetail(domain, hashid): pinnedform = forms.PinnedForm(obj=post) if reportform.validate_on_submit(): - if current_auth: + if current_auth.not_anonymous: if report is None: report = JobPostReport(post=post, user=g.user) report.reportcode_id = reportform.report_code.data @@ -140,14 +140,14 @@ def jobdetail(domain, hashid): else: header_campaign = None - if current_auth and not g.kiosk: + if current_auth.not_anonymous and not g.kiosk: g.starred_ids = set(g.user.starred_job_ids(agelimit)) else: g.starred_ids = set() is_bgroup = getbool(request.args.get('b')) headline = post.headlineb if is_bgroup and post.headlineb else post.headline - if is_siteadmin or post.admin_is(g.user) or (current_auth and g.user.flags.get('is_employer_month')): + if is_siteadmin or post.admin_is(g.user) or (current_auth.not_anonymous and g.user.flags.get('is_employer_month')): post_viewcounts = get_post_viewcounts(post.id) else: post_viewcounts = None @@ -167,7 +167,7 @@ def jobdetail(domain, hashid): def job_viewstats(domain, hashid): is_siteadmin = lastuser.has_permission('siteadmin') post = JobPost.query.filter_by(hashid=hashid).options(db.load_only('id', 'datetime')).first_or_404() - if is_siteadmin or post.admin_is(g.user) or (current_auth and g.user.flags.get('is_employer_month')): + if is_siteadmin or post.admin_is(g.user) or (current_auth.not_anonymous and g.user.flags.get('is_employer_month')): return jsonify({ "unittype": post.viewstats[0], "stats": post.viewstats[1], @@ -186,7 +186,7 @@ def job_related_posts(domain, hashid): post = JobPost.query.filter_by(hashid=hashid).options(*JobPost._defercols).first_or_404() jobpost_ab = session_jobpost_ab() related_posts = post.related_posts().all() - if is_siteadmin or (current_auth and g.user.flags.get('is_employer_month')): + if is_siteadmin or (current_auth.not_anonymous and g.user.flags.get('is_employer_month')): load_viewcounts(related_posts) g.impressions = {rp.id: (False, rp.id, bgroup(jobpost_ab, rp)) for rp in related_posts} max_counts = get_max_counts() @@ -290,7 +290,7 @@ def applyjob(domain, hashid): if post.email_domain != domain: return redirect(post.url_for('apply'), code=301) - if current_auth: + if current_auth.not_anonymous: job_application = JobApplication.query.filter_by(user=g.user, jobpost=post).first() else: job_application = None @@ -308,7 +308,7 @@ def applyjob(domain, hashid): applyform = forms.ApplicationForm() applyform.post = post if applyform.validate_on_submit(): - if current_auth and g.user.blocked: + if current_auth.not_anonymous and g.user.blocked: flashmsg = "Your account has been blocked from applying to jobs" else: if g.kiosk: @@ -417,7 +417,7 @@ def view_application(domain, hashid, application): post = JobPost.query.filter_by(hashid=hashid).first_or_404() # Transition code until we force all employers to login before posting if post.user and not (post.admin_is(g.user) or lastuser.has_permission('siteadmin')): - if not current_auth: + if current_auth.is_anonymous: return redirect(url_for('login', message=u"You need to be logged in to view candidate applications on Hasjob.")) else: abort(403) @@ -456,7 +456,7 @@ def view_application(domain, hashid, application): def process_application(domain, hashid, application): post = JobPost.query.filter_by(hashid=hashid).first_or_404() if post.user and not post.admin_is(g.user): - if not current_auth: + if current_auth.is_anonymous: return redirect(url_for('login')) else: abort(403) @@ -775,7 +775,7 @@ def confirm_email(domain, hashid, key): def withdraw(domain, hashid, key): post = JobPost.query.filter_by(hashid=hashid).first_or_404() form = forms.WithdrawForm() - if not ((key is None and current_auth and post.admin_is(g.user)) or (key == post.edit_key)): + if not ((key is None and current_auth.not_anonymous and post.admin_is(g.user)) or (key == post.edit_key)): abort(403) if post.state.WITHDRAWN: flash("Your job post has already been withdrawn", "info") @@ -812,7 +812,7 @@ def editjob(hashid, key, domain=None, form=None, validated=False, newpost=None): if not newpost: post = JobPost.query.filter_by(hashid=hashid).first_or_404() - if not ((key is None and current_auth and post.admin_is(g.user)) or (key == post.edit_key)): + if not ((key is None and current_auth.not_anonymous and post.admin_is(g.user)) or (key == post.edit_key)): abort(403) # Once this post is published, require editing at /domain//edit @@ -962,7 +962,7 @@ def editjob(hashid, key, domain=None, form=None, validated=False, newpost=None): def newjob(): form = forms.ListingForm() archived_post = None - if not current_auth: + if current_auth.is_anonymous: return redirect(url_for('login', next=url_for('newjob'), message=u"Hasjob now requires you to login before posting a job. Please login as yourself." u" We'll add details about your company later")) @@ -983,7 +983,7 @@ def newjob(): if request.method == 'GET': header_campaign = Campaign.for_context(CAMPAIGN_POSITION.BEFOREPOST, board=g.board, user=g.user, anon_user=g.anon_user, geonameids=g.user_geonameids) - if current_auth: + if current_auth.not_anonymous: # form.poster_name.data = g.user.fullname # Deprecated 2013-11-20 form.poster_email.data = g.user.email else: From 92655911eba0f5b0e3634a78ea044c64206a2c82 Mon Sep 17 00:00:00 2001 From: Bibhas Date: Fri, 29 Jun 2018 17:13:07 +0530 Subject: [PATCH 2/2] anon_user is still not reported to current_auth --- hasjob/views/helper.py | 5 ++--- hasjob/views/index.py | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py index 545df81ef..2a6901d71 100644 --- a/hasjob/views/helper.py +++ b/hasjob/views/helper.py @@ -128,7 +128,7 @@ def load_user_data(user): g.anon_user = anon_user # Prepare event session if it's not already present - if current_auth and not g.esession: + if current_auth.not_anonymous or g.anon_user and not g.esession: g.esession = EventSession.get_session(uuid=session.get('es'), user=g.user, anon_user=g.anon_user) if g.esession: session['es'] = g.esession.uuid @@ -278,7 +278,7 @@ def record_views_and_events(response): campaign_view_count_update.delay(campaign_id=campaign.id, anon_user_id=g.anon_user.id) if g.esession: # Will be None for anon static requests - if current_auth: + if current_auth.not_anonymous or g.anon_user: ue = UserEvent.new_from_request(request) else: ue = UserEventBase.new_from_request(request) @@ -306,7 +306,6 @@ def record_views_and_events(response): if g.impressions: # Save impressions to user's cookie session to write to db later session['impressions'] = g.impressions - return response diff --git a/hasjob/views/index.py b/hasjob/views/index.py index 931158537..a78adfee9 100644 --- a/hasjob/views/index.py +++ b/hasjob/views/index.py @@ -435,7 +435,7 @@ def index(basequery=None, filters={}, md5sum=None, tag=None, domain=None, locati # Test values for development: # if not g.user_geonameids: # g.user_geonameids = [1277333, 1277331, 1269750] - if not location and 'l' not in request.args and g.user_geonameids and current_auth and ( + if not location and 'l' not in request.args and g.user_geonameids and (current_auth.not_anonymous or g.anon_user) and ( (not g.board.auto_locations) if g.board else True): # No location filters? Prompt the user ldata = location_geodata(g.user_geonameids)