Allow organizers to lock/unlock a session in Open Event Frontend

Allow organizers to lock/unlock a session in Open Event Frontend

This blog post will showcase an option which can be used by organizers to lock/unlock a session in Open Event Frontend. Let’s start by understanding what this feature means and why is it important for organizers. If a session is locked by an organizer, it cannot be edited by the session creator. 

Suppose an event organizer wants final session submission by a particular date so that he/she can shortlist the sessions based on final submission, but the user goes on editing the session event after final date of submission. This is a situation where this feature will help the organizer to prohibit the user from further modification of session.

If a session is unlocked, then unlock icon is shown:

Unlocked Session

However, if a session is locked, lock icon is shown:

Locked Session
{{#if record.isLocked}}
  {{#ui-popup content=(t 'Unlock Session') class='ui

basic Button' click=(action unlockSession record)
  position='left center'}}
    <i class="lock icon"></i>   
  {{/ui-popup}}
{{else}}
  {{#ui-popup content=(t 'Lock Session') class='ui basic
  Button' click=(action lockSession record) position='

left center'}}
    <i class="unlock icon"></i>   
  {{/ui-popup}}
{{/if}}

Snippet to toggle locked/unlocked icon

On clicking these icon buttons, corresponding action is triggered which updates the status of is-locked attribute of the session. When an organizer clicks on lock icon button, unlockSession action is triggered which sets is-locked property of session to false. However if unlock icon button is clicked, lockSession action is triggered which sets the is-locked property of session to true.

Snippet to lock a session:

   lockSession(session) {
     session.set('isLocked', true);
     this.set('isLoading', true);
     session.save()
       .then(() => {
         this.notify.success(this.l10n.t('Session has

been locked successfully.'));
         this.send('refreshRoute');
       })
       .catch(() => {
         this.notify.error(this.l10n.t('An unexpected

error has occurred.'));
       })
       .finally(() => {
         this.set('isLoading', false);
       });
   }

Snippet to unlock a session:

  unlockSession(session) {
     session.set('isLocked', false);
     this.set('isLoading', true);
     session.save()
       .then(() => {
         this.notify.success(this.l10n.t('Session has

been unlocked successfully.'));
         this.send('refreshRoute');
       })
       .catch(() => {
         this.notify.error(this.l10n.t('An unexpected

error has occurred.'));
       })
       .finally(() => {
         this.set('isLoading', false);
       });
   }

These changes required few server checks so that only a person with admin or organizer access can update the value of is-locked attribute of session. Also, any try to edit a locked session via API call must be rejected.

Server checks related to locking/unlocking a session:

def before_update_object(self, session, data, view_kwargs):
       """
       before update method to verify if session is

locked before updating
       session object
       :param event:
       :param data:
       :param view_kwargs:
       :return:
       """
       if data.get('is_locked') != session.is_locked:
           if not (has_access('is_admin') or
           has_access('is_organizer')):
               raise ForbiddenException({'source':
                     '/data/attributes/is-locked'}, "You
                     don't have enough permissions to ch

ange this property")

       if session.is_locked and data.get('is_locked') ==
       session.is_locked:
           raise ForbiddenException({'source':
                 '/data/attributes/is-locked'}, "Locked

sessions cannot be edited")

Resources:

Related work and code repo:

Tags:

Eventyay, FOSSASIA, Flask, Ember.js, Open Event

Close Menu