def ban_users():
    """Synchronise every user's ``banned`` flag with the submitted form.

    The ``banned-users`` form field is treated as the complete set of ids
    that should be banned: users whose id is in the set end up banned, and
    previously banned users missing from it are unbanned.

    NOTE(review): no authorization or CSRF check is visible in this body;
    confirm the route is restricted to administrators where it is
    registered.
    NOTE(review): unlike add_admin, nothing here stops the caller from
    banning their own account or ``SUDO_USERID`` -- confirm that is intended.

    Returns:
        A redirect to ``/admin``.
    """
    banned_ids = set(request.form.getlist('banned-users'))

    # Only load rows whose current flag disagrees with the submitted set.
    should_unban = (User.banned == True) & ~User.id.in_(banned_ids)  # noqa: E712 (SQLAlchemy requires it)
    should_ban = (User.banned == False) & User.id.in_(banned_ids)  # noqa: E712 (SQLAlchemy requires it)
    out_of_sync = db_session.query(User).filter(should_unban | should_ban).all()

    for account in out_of_sync:
        account.banned = account.id in banned_ids
    db_session.commit()

    # The count is the number of submitted ids, not the number of rows changed.
    flash('Updated list of banned users (%s users).' % len(banned_ids))
    return redirect('/admin')
def run(self):
    """Create the database schema and insert the initial rows.

    Creates all tables, then adds two rooms ('Glass Room 1', reservable, and
    'Glass Room 2', not reservable) and one admin user whose id is taken
    from ``app.config['SUDO_USERID']``.

    NOTE(review): ``models`` is used as a module name but only ``Room`` and
    ``User`` are imported in this body -- presumably ``models`` is imported
    at file level; confirm.
    NOTE(review): the inserts are unconditional, so this looks intended to
    run once against an empty database. The seeded account is created with
    ``admin=True``; make sure ``SUDO_USERID`` is set to the intended
    operator before running.
    """
    from setup import db, db_session, engine, app
    from models import Room, User

    # Schema first, so the seed rows below have tables to land in.
    models.PSABase.metadata.create_all(engine)
    db.create_all()
    db_session.commit()

    seed_rooms = (
        ('Glass Room 1', True),
        ('Glass Room 2', False),
    )
    for room_name, is_reservable in seed_rooms:
        db_session.add(Room(name=room_name, reservable=is_reservable))

    # Bootstrap administrator account.
    db_session.add(User(id=app.config['SUDO_USERID'], admin=True))
    db_session.commit()
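def cancel_reservation(reservation):
    """Mark the reservation with the given id as cancelled.

    Only an admin or the reservation's owner may cancel, and only before the
    reservation has started.

    NOTE(review): ``g.user`` is dereferenced without a None check; confirm
    the route requires an authenticated user where it is registered.

    Args:
        reservation: id of the reservation to cancel.

    Returns:
        ``error(...)`` with a message when the id is unknown, the caller is
        not allowed to cancel, or the reservation has already started;
        otherwise ``success()``.
    """
    booking = db_session.query(Reservation).filter_by(id=reservation).first()
    if not booking:
        return error('Invalid reservation')

    # Authorize before looking at the reservation's state, so a caller who
    # does not own it learns nothing about its start time. This is the same
    # order edit_reservation uses.
    if not g.user.admin and booking.user != g.user:
        return error('Unauthorized to cancel that reservation')

    if booking.start <= datetime.datetime.now():
        return error('Cannot edit reservation starting in the past')

    booking.cancelled = True
    db_session.commit()
    return success()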
def index():
    """Render the landing page, or the calendar for a signed-in user.

    When the ``logged_in`` query parameter is present and the user is
    authenticated, the previous ``last_login`` value is copied into the
    session and the user's ``last_login`` is set to the current time.

    NOTE(review): ``logged_in`` is a client-controlled query parameter on
    this view, so any request carrying it overwrites both timestamps;
    ``last_login`` should not be relied on as an audit record.
    NOTE(review): ``app.config['config']`` is handed to the template;
    confirm it holds nothing that must stay server-side.

    Returns:
        The rendered ``calendar.html`` for authenticated users, otherwise
        the rendered ``index.html``.
    """
    is_authenticated = g.user and g.user.is_authenticated

    if request.args.get('logged_in', False) and is_authenticated:
        # Keep the previous login time before it is overwritten.
        session['last_login'] = g.user.last_login
        g.user.last_login = datetime.datetime.now()
        db_session.commit()

    page = 'calendar.html' if is_authenticated else 'index.html'
    return render_template(
        page,
        rooms=db_session.query(Room).all(),
        config=app.config['config'],
    )
def login_as():
    """Switch the current session to the user id given in the form.

    Reads ``id`` from the form, creates a ``User`` row for it if none
    exists, logs the current user out and logs in as that user.

    NOTE(review): this body performs no credential or privilege check and
    will create an account for any submitted id. It must only be reachable
    by trusted callers (for example an admin-only or development-only
    route); the restriction is not visible here -- confirm it exists where
    the route is registered, and consider logging who impersonated whom.

    Returns:
        A 400 abort when ``id`` is missing, otherwise a redirect to ``/``.
    """
    target_id = request.form.get('id')
    if not target_id:
        return abort(400)

    account = db_session.query(User).filter_by(id=target_id).first()
    if not account:
        # Unknown id: provision the account on the fly.
        account = User(id=target_id)
        db_session.add(account)
        db_session.commit()

    # Drop the current identity before assuming the new one.
    logout_user()
    login_user(account)

    flash('Logged in as %s.' % account.id)
    return redirect('/')
def add_admin():
    """Synchronise every user's ``admin`` flag with the submitted form.

    The ``admins`` form field is treated as the complete set of admin ids.
    ``SUDO_USERID`` is always added to that set, and the request is refused
    if it would remove the caller's own admin flag.

    NOTE(review): no authorization or CSRF check is visible in this body;
    confirm the route is restricted to administrators where it is
    registered.
    NOTE(review): the flash message echoes the submitted ids, including ids
    that match no user; it relies on the template escaping flashed
    messages -- confirm.

    Returns:
        A redirect to ``/admin``.
    """
    # The configured super-user can never be dropped from the admin set.
    admin_ids = set(request.form.getlist('admins')) | {app.config['SUDO_USERID']}

    if g.user.id not in admin_ids:
        flash('You may not remove your own administrative privileges.')
        return redirect('/admin')

    # Only load rows whose current flag disagrees with the submitted set.
    should_demote = (User.admin == True) & ~User.id.in_(admin_ids)  # noqa: E712 (SQLAlchemy requires it)
    should_promote = (User.admin == False) & User.id.in_(admin_ids)  # noqa: E712 (SQLAlchemy requires it)
    out_of_sync = db_session.query(User).filter(should_demote | should_promote).all()

    for account in out_of_sync:
        account.admin = account.id in admin_ids
    db_session.commit()

    flash('Updated list of admins: %s.' % ', '.join(admin_ids))
    return redirect('/admin')
def edit_reservation(reservation, start=None, end=None):
    """Change the start and end of an existing reservation.

    Only an admin or the reservation's owner may edit, and only before the
    reservation has started.

    NOTE(review): validation of the new times appears to be signalled by
    ``AssertionError`` from the model. If that comes from ``assert``
    statements, it disappears when Python runs with ``-O`` -- confirm the
    model raises explicitly.
    NOTE(review): ``start`` and ``end`` default to None and are assigned
    as-is; presumably the caller or a decorator supplies parsed values.

    Args:
        reservation: id of the reservation to edit.
        start: new start time.
        end: new end time.

    Returns:
        ``error(...)`` with a message when the id is unknown, the caller is
        not allowed to edit, the reservation has already started, or the
        new values are rejected; otherwise ``success()``.
    """
    booking = db_session.query(Reservation).filter_by(id=reservation).first()
    if not booking:
        return error('Invalid reservation')

    # Authorization comes before any check that reveals reservation state.
    if not g.user.admin and booking.user != g.user:
        return error('Unauthorized to edit that reservation')

    if booking.start <= datetime.datetime.now():
        return error('Cannot edit reservation starting in the past')

    try:
        booking.start = start
        booking.end = end
        db_session.commit()
        return success()
    except AssertionError as rejection:
        # Discard the partial change so the session stays usable.
        db_session.rollback()
        return error(str(rejection))
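def add_reservation(start=None, end=None):
    """Create a reservation for the current user in the room from the form.

    NOTE(review): neither ``room.reservable`` nor the user's ``banned`` flag
    is checked in this body; confirm the ``Reservation`` model or the route
    registration enforces them.
    NOTE(review): validation appears to be signalled by ``AssertionError``
    from the model. If that comes from ``assert`` statements, it disappears
    when Python runs with ``-O`` -- confirm the model raises explicitly.

    Args:
        start: start time of the reservation.
        end: end time of the reservation.

    Returns:
        ``error(...)`` with a message when the room is missing, is not a
        valid id, does not exist, or the reservation is rejected; otherwise
        ``success()``.
    """
    raw_room_id = request.form.get('room', None)
    if not raw_room_id:
        return error('Missing room')

    # The id comes straight from the client: a non-numeric value must be
    # reported as a bad room, not surface as an unhandled ValueError.
    try:
        room_id = int(raw_room_id)
    except ValueError:
        return error('Invalid room')

    room = db_session.query(Room).filter_by(id=room_id).first()
    if not room:
        return error('Invalid room')

    try:
        db_session.add(
            Reservation(
                user_id=g.user.id,
                room_id=room.id,
                start=start,
                end=end,
            )
        )
        db_session.commit()
        return success()
    except AssertionError as rejection:
        # Discard the failed insert so the session stays usable.
        db_session.rollback()
        return error(str(rejection))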
def admin():
    """Show the admin page (GET) or update one room (any other method).

    On a non-GET request the room named by the ``id`` form field has its
    name, description and reservable flag replaced with the submitted
    values.

    NOTE(review): no authorization or CSRF check is visible in this body;
    confirm the route is restricted to administrators where it is
    registered.
    NOTE(review): a missing ``name`` or ``description`` field overwrites the
    stored value with an empty string, and ``reservable`` becomes True for
    any non-empty value (including ``'0'`` or ``'false'``).

    Returns:
        The rendered ``admin.html`` on GET; otherwise a 400 abort when the
        room id is missing or unknown, or a redirect to ``/admin``.
    """
    if request.method == 'GET':
        return render_template(
            'admin.html',
            rooms=db_session.query(Room).all(),
            users=db_session.query(User).all(),
            sudo=app.config['SUDO_USERID'],
        )

    submitted = request.form
    room_id = submitted.get('id', None)
    if not room_id:
        return abort(400)

    room = db_session.query(Room).filter_by(id=room_id).first()
    if not room:
        return abort(400)

    room.name = submitted.get('name', '')
    room.description = submitted.get('description', '')
    # An unchecked checkbox is simply absent from the form.
    room.reservable = bool(submitted.get('reservable'))
    db_session.commit()
    return redirect('/admin')