def create():
if not authenticated(session):
abort(403)
else:
id_folder = int(request.form.get("id_folder"))
task_name = request.form.get("task_name")
if(id_folder == None) or (id_folder == ""):
flash("The folder must have an id!", category="error")
return redirect(request.referrer)
if(task_name == None) or (task_name == ""):
flash("The task must have a name!", category="error")
return redirect(request.referrer)
conn = connection()
if User.has_permision_to_open_folder(conn, session['user']['id'], id_folder):
if Task.exists(conn, id_folder, task_name):
flash("The task already exists!", category="error")
return redirect(request.referrer)
else:
try:
Task.create(conn, id_folder, task_name)
flash("One task has been added!", category="success")
except:
flash("There was an error adding your task", category="error")
else:
flash("You can't access that folder!", category="error")
return redirect(request.referrer)
def home():
"""Retorna al login de la pagina"""
settings = PageSetting.find_settings()
if not (settings.enabled) and not (authenticated(session)):
return render_template("errors/maintenance.html")
else:
return render_template("layout/index.html", settings=settings)
def create():
if not authenticated(session):
abort(401)
conn = connection()
User.create(conn, request.form)
return redirect(url_for("user_index"))
def update():
if not authenticated(session):
abort(403)
else:
id_task = int(request.form.get("id_task"))
id_folder = int(request.form.get("id_folder"))
task_name = request.form.get("task_name")
if(id_task == None) or (id_task == ""):
flash("The task must have an id!", category="error")
return redirect(request.referrer)
if(id_folder == None) or (id_folder == ""):
flash("The folder must have an id!", category="error")
return redirect(request.referrer)
if(task_name == None) or (task_name == ""):
flash("The task must have a name!", category="error")
return redirect(request.referrer)
conn = connection()
if Task.exists(conn, id_folder, task_name):
flash("The task already exists!", category="error")
else:
try:
Task.update(conn, id_task, task_name)
flash("The task was updated!", category="success")
except:
flash("There was an error editing your task", category="error")
return redirect(request.referrer)
def is_owner(id_house):
if not authenticated(session):
abort(401)
conn = connection()
if (User.is_owner(conn, session['user']['id'], id_house)):
return True
return False
def main_menu():
if not authenticated(session):
abort(403)
else:
conn = connection()
folders = Folder.find_by_id_user(conn, session['user']['id'])
return render_template("user/menu.html", folders=folders)
def favorite_houses():
if not authenticated(session):
abort(401)
else:
conn = connection()
houses = User.favorite_houses(conn, session['user']['id'])
return render_template("houses/all_houses.html", title="Tu lista de favoritos", houses=houses)
def wrap(*args, **kwargs):
if not authenticated(session):
return render_template("errors/error.html")
permisos = permissions()
if idPermiso not in permisos:
return render_template("errors/error.html")
return func(*args, **kwargs)
def index():
if not authenticated(session):
abort(401)
conn = connection()
users = User.all(conn)
return render_template("user/index.html", users=users)
def buy_house():
if not authenticated(session):
abort(401)
id_house = request.form.get("id_house")
if (not id_house):
flash("No hay una casa seleccionada")
return redirect(request.referrer)
conn = connection()
if House.exist(conn, id_house):
if User.buy_house(conn, session['user']['id'], id_house):
flash("Compra exitosa", category="success")
else:
flash("Ha ocurrido un error", category="error")
else:
flash("No puedes comprar esta propiedad", category="error")
return redirect(request.referrer)
def add_fav_house():
if not authenticated(session):
abort(401)
else:
try:
params = request.get_json()
id_user = params['id_user']
id_house = params['id_house']
conn = connection()
if(User.has_favorite(conn, id_user, id_house)):
User.delete_fav_house(conn, id_user, id_house)
return jsonify({"text": "deleted"})
else:
User.add_fav_house(conn, id_user, id_house)
return jsonify({"text": "added"})
except:
abort(500)
def validar_permisos(un_permiso):
if sitio_cerrado() and no_es_admin():
# print("Salio xq no estaba cerrado y no esta logueado como admin")
abort(503)
# Si el usuario no tiene una cookie de sesion válida muestro un mensaje de error
if not authenticated(session):
# print("Salio xq no estaba autenticado")
abort(401)
if not usuario_activo(session):
# print("Salio xq no estaba activo")
abort(403)
if un_permiso != '' and no_tiene_el_permiso_solicitado(un_permiso):
# print("Se solicito permiso para "+un_permiso)
# print("Salio xq no tenia el permiso")
abort(403)
return
def create():
if not authenticated(session):
abort(403)
else:
folder_name = request.form.get("folder_name")
if (folder_name == None) or (folder_name == ""):
flash("The folder must have a name!", category="error")
return redirect(url_for("user-main-menu"))
conn = connection()
if (Folder.exists(conn, session['user']['id'], folder_name)):
flash("The folder already exists!", category="error")
else:
try:
Folder.create(conn, session['user']['id'], folder_name)
flash("The folder was created!", category="success")
except:
flash("There was an error", category="error")
return redirect(url_for("user-main-menu"))
def check():
if not authenticated(session):
abort(403)
data = request.get_json()
id_task = int(data['id_task'])
checked = data['checked']
if(id_task == "" or id_task == None):
abort(404)
if(checked == "" or checked == None):
abort(404)
conn = connection()
Task.check(conn, id_task, checked)
return jsonify({"state": checked})
def GET(self):
user = models.User.objects.get(email=auth.authenticated())
# Get a list of all the classes the user is teaching.
classes = list(user.classes)
# Get all of the assignments in those classes
assignments = models.Assignment.objects(forClass__in=user.classes)
# Add the className attribute to all the assignments so the view can
# access it easily.
for i in assignments:
# Ensure that we aren't about to blow away something we shouldn't
assert "className" not in vars(i)
vars(i)["className"] = \
utils.first(classes, lambda j: j.id == i.forClass).name
return view.classes(assignments, classes)
def GET(self):
user = models.User.objects.get(email = auth.authenticated())
# Get a list of all the classes the user is teaching.
classes = list(user.classes)
# Get all of the assignments in those classes
assignments = models.Assignment.objects(forClass__in = user.classes)
# Add the className attribute to all the assignments so the view can
# access it easily.
for i in assignments:
# Ensure that we aren't about to blow away something we shouldn't
assert "className" not in vars(i)
vars(i)["className"] = \
utils.first(classes, lambda j: j.id == i.forClass).name
return view.classes(assignments, classes)
def show():
if not authenticated(session):
abort(403)
else:
id_folder = request.args.get("id_folder")
if(id_folder == None) or (id_folder == ""):
flash("The 'id' field is empty!", category="error")
return redirect(request.referrer)
conn = connection()
if User.has_permision_to_open_folder(conn, session['user']['id'], id_folder):
folder = Folder.find_by_id(conn, id_folder)
if not folder:
flash("The folder doesn't exist!", category="error")
return redirect(request.referrer)
else:
tasks = Task.find_by_id_folder(conn, folder['id'])
return render_template("folder/folder-show.html", folder=folder, tasks=tasks)
else:
flash("You don't have permission to access that folder!", category="error")
return redirect(request.referrer)
def delete_house():
if not authenticated(session):
abort(401)
id_house = request.form.get("id_house")
if(id_house is None)or(id_house == ""):
flash("La propiedad debe tener un ID", category="error")
else:
conn = connection()
if not User.is_owner(conn, session['user']['id'], id_house):
flash("Solo el dueño de la publicación puede borrarla!", category="error")
else:
if House.was_sold(conn,id_house):
flash("No puede eliminar una propiedad vendida!", category="error")
else:
House.delete(conn, id_house)
flash("Se ha eliminado la publicación exitosamente!", category="success")
return redirect(url_for("index"))
return redirect(request.referrer)
def show():
id = request.args.get("id")
if id is not None:
conn = connection()
house = House.find_by_id(conn, id)
if house:
if house["deleted_at"] is not None:
if authenticated(session):
if User.bought_house(conn, house['id'], session['user']['id']):
return render_template("houses/show_house.html", house=house)
else:
abort(404)
else:
abort(401)
else:
return render_template("houses/show_house.html", house=house)
else:
abort(404)
else:
abort(404)
def delete():
if not authenticated(session):
abort(403)
else:
id_task = request.form.get("id_task")
if(id_task == None) or (id_task == ""):
flash("The task must have an ID!", category="error")
return redirect(request.referrer)
conn = connection()
task = Task.find_by_id(conn, id_task)
if not task:
flash("The task doesn't exist!", category="error")
else:
if Task.belongs_to_user(conn, id_task, session['user']['id']):
try:
Task.delete(conn, id_task)
flash("A task was deleted!", category="success")
except:
flash("There was an error!", category="error")
else:
flash("You can't access that task!", category="error")
return redirect(request.referrer)
def delete():
if not authenticated(session):
abort(403)
else:
id_folder = request.form.get("id_folder")
if (id_folder == None) or (id_folder == ""):
flash("The folder must have an ID!", category="error")
return redirect(url_for("user-main-menu"))
conn = connection()
folder = Folder.find_by_id(conn, id_folder)
if not folder:
flash("The folder doesn't exist!", category="error")
else:
if folder['id_user'] == session['user']['id']:
try:
Folder.delete(conn, session['user']['id'], id_folder)
flash("The folder was deleted!", category="success")
except:
flash("There was an error!", category="error")
else:
flash("You don't have access to that folder!",
category="error")
return redirect(url_for("user-main-menu"))
def no_es_admin():
return not (authenticated(session)
and User.tiene_rol(session["usuario"], 'admin'))
def houses_on_sale():
if not authenticated(session):
abort(401)
conn = connection()
houses = User.houses_on_sale(conn, session['user']['id'])
return render_template("houses/all_houses.html", title="Tus publicaciones", houses=houses)
def login():
if authenticated(session):
flash("Ya tenes una sesión activa.", "warning")
return redirect(url_for('home'))
form = LoginForm()
return render_template('auth/login.html', form=form)
def purchases():
if not authenticated(session):
abort(401)
conn = connection()
houses = House.purchases(conn, session['user']['id'])
return render_template("houses/all_houses.html", title="Tus compras", houses=houses)
def new():
if not authenticated(session):
abort(401)
return render_template("user/new.html")
def permissions():
if authenticated(session):
#print("\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n")
name_permisos = UsersRoles.return_name_permission_by_iduser(
int(session["id"]))
return name_permisos
