def show_stats():
if not auth_utils.check_login() or not auth_utils.check_admin(
flask.session['username']):
return flask.redirect(flask.url_for("home"))
default_stats = helpers.get_current_stats()
return flask.render_template("stats.html",
raw_data=json.dumps(default_stats))
def view_application(user_id):
if not auth_utils.check_login() or not auth_utils.check_admin(
flask.session['username']):
return flask.redirect(flask.url_for("home"))
info = helpers.get_application(user_id)
status = helpers.get_status(user_id)
return flask.render_template("view_application.html",
info=info,
status=status)
def update_status(user_id):
if not auth_utils.check_login() or not auth_utils.check_admin(
flask.session['username']):
return flask.redirect(flask.url_for("home"))
helpers.update_status(user_id, flask.request.form.get('new_status'),
flask.request.form.get('reimbursement_amount'),
app_helpers.get_user_id(flask.session['username']))
flask.flash('Status has been updated')
return flask.redirect(flask.url_for('judging.judge'))
def update_waiver_status(waiver_type, user_id):
if not auth_utils.check_login() or not auth_utils.check_admin(
flask.session['username']):
return flask.redirect(flask.url_for("home"))
helpers.update_waiver_status(
user_id, flask.request.form.get('new_status'),
auth_utils.get_user_id(flask.session['username']), waiver_type)
flask.flash('Status has been updated')
return flask.redirect(
flask.url_for('.view_caltech_waiver', user_id=user_id))
def view_caltech_waiver(user_id):
if not auth_utils.check_login() or not auth_utils.check_admin(
flask.session['username']):
return flask.redirect(flask.url_for("home"))
info = helpers.get_waiver(user_id, "caltech_waiver")
info.update(helpers.get_waiver(user_id, "medical_info"))
info['user_id'] = user_id
status = helpers.get_waiver_status(user_id, "caltech_waiver")
status.update(helpers.get_waiver_status(user_id, "medical_info"))
return flask.render_template("view_caltech_waiver.html",
info=info,
status=status)
def serve_resume_book():
if not auth_utils.check_login() or not auth_utils.check_admin(
flask.session['username']):
return flask.redirect(flask.url_for("home"))
fields = flask.request.form.getlist("groups", None)
if fields == None:
return flask.redirect(flask.url_for("judging.judge"))
helpers.generate_resume_book(fields)
return flask.redirect(
flask.url_for("judging.uploaded_file",
filename="hacktech_resume_book.pdf"))
def uploaded_file(filename):
'''
Serves the actual uploaded file.
'''
if not auth_utils.check_login():
return flask.redirect(flask.url_for("home"))
user_res_name = app_helpers.check_resume_exists(
app_helpers.get_user_id(flask.session['username']))
if user_res_name != filename and not auth_utils.check_admin(
flask.session['username']):
return flask.redirect(flask.url_for("home"))
uploads = os.path.join(flask.current_app.root_path,
flask.current_app.config['RESUMES'])
return flask.send_from_directory(uploads, filename, as_attachment=False)
def uploaded_waiver_file(filename, waiver_type):
'''
This function should be collapsed with the function below
'''
if not auth_utils.check_login():
return flask.redirect(flask.url_for("home"))
cur_user_waiver = helpers.get_waiver(
auth_utils.get_user_id(flask.session['username']), waiver_type)
if cur_user_waiver != filename and not auth_utils.check_admin(
flask.session['username']):
return flask.redirect(flask.url_for("home"))
folder_path = "WAIVERS" if waiver_type == "caltech_waiver" else "MEDICAL"
uploads = os.path.join(flask.current_app.root_path,
flask.current_app.config[folder_path])
return flask.send_from_directory(uploads, filename, as_attachment=False)
def judge():
curpage = int(flask.request.args.get('page', 0))
page_size = flask.session.get('page_size', 100)
if page_size == "":
page_size = 100
else:
page_size = int(page_size)
flask.session['page_size'] = page_size
if not auth_utils.check_login() or not auth_utils.check_admin(
flask.session['username']):
return flask.redirect(flask.url_for("home"))
info = helpers.get_all_application_links()
total_pages = int(len(info) / page_size) + 1
info = info[curpage * page_size:(curpage + 1) * page_size]
return flask.render_template("judge.html",
info=info,
page=curpage,
total_pages=total_pages,
page_size=page_size)
def check_status(self_email, other_email):
"""
Using the user's email, check the user's status for the
current year and return it.
"""
# If they aren't an admin or they aren't themselves,
# then they shouldn't see status
if not auth_utils.check_admin(self_email) and self_email != other_email:
return ""
query = """
SELECT status, reimbursement_amt FROM users NATURAL JOIN status NATURAL JOIN applications WHERE
email = %s AND application_year = %s
"""
with flask.g.pymysql_db.cursor() as cursor:
cursor.execute(query, [other_email, app_year.year + "0000"])
result = cursor.fetchone()
if result == None:
return None
return result
def login_submit():
"""Handle authentication."""
username = flask.request.form.get('username', None)
password = flask.request.form.get('password', None)
if username is not None and password is not None:
user_id = helpers.authenticate(username, password)
if user_id is not None:
flask.session['username'] = username
if auth_utils.check_admin(username):
flask.session['admin'] = True
# Update last login time
auth_utils.update_last_login(username)
# Return to previous page if in session
if 'next' in flask.session:
redirect_to = flask.session.pop('next')
return flask.redirect(redirect_to)
else:
return flask.redirect(flask.url_for('home'))
flask.flash('Incorrect username or password. Please try again!')
return flask.redirect(flask.url_for('auth.login'))
def test_check_admin(client):
"""
"""
assert not auth_utils.check_admin("*****@*****.**")
assert auth_utils.check_admin('*****@*****.**')
