liquid_feedback_frontend
view app/main/index/index.lua @ 9:0ee1e0c42d4c
Version beta5
Minor security fix: Added missing security filter for admin section. Reading of member listing including login names was possible for all users. Write access has not been possible though.
Changing of name and login is possible while a history of these changes is written and accessible by all users.
Statistics shown in area list
Trimming of user input also converts multiple whitespaces to single space character.
Minor security fix: Added missing security filter for admin section. Reading of member listing including login names was possible for all users. Write access has not been possible though.
Changing of name and login is possible while a history of these changes is written and accessible by all users.
Statistics shown in area list
Trimming of user input also converts multiple whitespaces to single space character.
| author | bsw |
|---|---|
| date | Mon Jan 04 12:00:00 2010 +0100 (2010-01-04) |
| parents | 8d91bccab0bf |
| children | 72c5e0ee7c98 |
line source
1 slot.select("title", function()
2 execute.view{
3 module = "member_image",
4 view = "_show",
5 params = {
6 member = app.session.member,
7 image_type = "avatar"
8 }
9 }
10 end)
12 slot.select("title", function()
13 ui.container{
14 attr = { class = "lang_chooser" },
15 content = function()
16 for i, lang in ipairs{"en", "de"} do
17 ui.link{
18 content = function()
19 ui.image{
20 static = "lang/" .. lang .. ".png",
21 attr = { style = "margin-left: 0.5em;", alt = lang }
22 }
23 end,
24 module = "index",
25 action = "set_lang",
26 params = { lang = lang },
27 routing = {
28 default = {
29 mode = "redirect",
30 module = request.get_module(),
31 view = request.get_view(),
32 id = param.get_id_cgi(),
33 params = param.get_all_cgi()
34 }
35 }
36 }
37 end
38 end
39 }
40 end)
42 slot.put_into("title", encode.html(config.app_title))
44 slot.select("actions", function()
46 ui.link{
47 content = function()
48 ui.image{ static = "icons/16/application_form.png" }
49 slot.put(_"Edit my profile")
50 end,
51 module = "member",
52 view = "edit"
53 }
55 ui.link{
56 content = function()
57 ui.image{ static = "icons/16/user_gray.png" }
58 slot.put(_"Upload images")
59 end,
60 module = "member",
61 view = "edit_images"
62 }
64 execute.view{
65 module = "delegation",
66 view = "_show_box"
67 }
69 ui.link{
70 content = function()
71 ui.image{ static = "icons/16/wrench.png" }
72 slot.put(_"Settings")
73 end,
74 module = "member",
75 view = "settings"
76 }
78 if config.download_dir then
79 ui.link{
80 content = function()
81 ui.image{ static = "icons/16/database_save.png" }
82 slot.put(_"Download")
83 end,
84 module = "index",
85 view = "download"
86 }
87 end
88 end)
90 local lang = locale.get("lang")
91 local basepath = request.get_app_basepath()
92 local file_name = basepath .. "/locale/motd/" .. lang .. ".txt"
93 local file = io.open(file_name)
94 if file ~= nil then
95 local help_text = file:read("*a")
96 if #help_text > 0 then
97 ui.container{
98 attr = { class = "motd wiki" },
99 content = function()
100 slot.put(format.wiki_text(help_text))
101 end
102 }
103 end
104 end
107 util.help("index.index", _"Home")
110 local selector = Area:new_selector()
111 :reset_fields()
112 :add_field("area.id", nil, { "grouped" })
113 :add_field("area.name", nil, { "grouped" })
114 :add_field("membership.member_id NOTNULL", "is_member", { "grouped" })
115 :add_field("count(issue.id)", "issues_to_vote_count")
116 :add_field("count(interest.member_id)", "interested_issues_to_vote_count")
117 :join("issue", nil, "issue.area_id = area.id AND issue.fully_frozen NOTNULL AND issue.closed ISNULL")
118 :left_join("direct_voter", nil, { "direct_voter.issue_id = issue.id AND direct_voter.member_id = ?", app.session.member.id })
119 :add_where{ "direct_voter.member_id ISNULL" }
120 :left_join("interest", nil, { "interest.issue_id = issue.id AND interest.member_id = ?", app.session.member.id })
121 :left_join("membership", nil, { "membership.area_id = area.id AND membership.member_id = ? ", app.session.member.id })
123 local areas = {}
124 for i, area in ipairs(selector:exec()) do
125 if area.is_member or area.interested_issues_to_vote_count > 0 then
126 areas[#areas+1] = area
127 end
128 end
130 if #areas > 0 then
131 ui.container{
132 attr = { style = "font-weight: bold;" },
133 content = _"Current votings in areas you are member of and issues you are interested in:"
134 }
136 ui.list{
137 records = areas,
138 columns = {
139 {
140 name = "name"
141 },
142 {
143 content = function(record)
144 if record.is_member and record.issues_to_vote_count > 0 then
145 ui.link{
146 content = function()
147 if record.issues_to_vote_count > 1 then
148 slot.put(_("#{issues_to_vote_count} issue(s)", { issues_to_vote_count = record.issues_to_vote_count }))
149 else
150 slot.put(_("One issue"))
151 end
152 end,
153 module = "area",
154 view = "show",
155 id = record.id,
156 params = {
157 filter = "frozen",
158 filter_voting = "not_voted"
159 }
160 }
161 else
162 slot.put(_"Not a member")
163 end
164 end
165 },
166 {
167 content = function(record)
168 if record.interested_issues_to_vote_count > 0 then
169 ui.link{
170 content = function()
171 if record.interested_issues_to_vote_count > 1 then
172 slot.put(_("#{interested_issues_to_vote_count} issue(s) you are interested in", { interested_issues_to_vote_count = record.interested_issues_to_vote_count }))
173 else
174 slot.put(_"One issue you are interested in")
175 end
176 end,
177 module = "area",
178 view = "show",
179 id = record.id,
180 params = {
181 filter = "frozen",
182 filter_interest = "my",
183 filter_voting = "not_voted"
184 }
185 }
186 end
187 end
188 },
189 }
190 }
191 end
193 execute.view{
194 module = "member",
195 view = "_show",
196 params = { member = app.session.member }
197 }