def post(self): session = self.get_session() try: mail = self.get_argument('mail') uid = None for row in session.query(User).filter(User.mail == mail): uid = row.id if uid: session.query(SetPasswordToken).filter( SetPasswordToken.id == uid).delete() token = uuid4() instance = SetPasswordToken(uid=uid, token=token) db_insert(session, instance) url = 'http://%s/spt/set_password/?id=%s&token=%s' % ( Config.HOST, uid, str(token)) with open('mail_template/set_password.mail') as f: plain_content = f.read() % url with open('mail_template/set_password.html') as f: html_content = f.read() % (url, url) smtp = SMTPMail() smtp.send(mail, '[2017 資訊之芽] 重設密碼', plain_content, html_content) self.return_status(self.STATUS_SUCCESS) else: self.return_status(self.STATUS_FAILED) except Exception as e: if DEBUG: print(e) self.return_status(self.STATUS_ERROR) session.close()
def post(self): session = self.get_session() uid = self.get_secure_cookie('uid') if uid == None: self.return_status(self.STATUS_NOT_LOGINED) else: uid = int(uid) user = get_user(session, uid) try: class_type = int(self.get_argument('class_type')) if datetime.now() > Config.DEADLINE: self.return_status(self.STATUS_DEADLINE) return if not user.rule_test: self.return_status(self.STATUS_PERMISSION_DENIED) elif class_type == 3 and not user.pre_test: self.return_status(self.STATUS_PERMISSION_DENIED) else: data = json.loads(self.get_argument('data')) for obj in data: res = session.query(ApplicationQuestion) \ .filter(and_(ApplicationQuestion.id == obj['id'], ApplicationQuestion.class_type == class_type)) if res.count() > 0: res = session.query(ApplicationAnswer) \ .filter(and_(ApplicationAnswer.uid == uid, ApplicationAnswer.qid == obj['id'])) if res.count() > 0: for row in res: row.description = obj['answer'] session.commit() else: instance = ApplicationAnswer( uid=uid, qid=obj['id'], description=obj['answer']) db_insert(session, instance) if (user.signup_status & (1 << (class_type - 1))) == 0: for row in session.query(User).filter(User.id == uid): row.signup_status = user.signup_status | ( 1 << (class_type - 1)) session.commit() self.return_status(self.STATUS_SUCCESS) except Exception as e: if DEBUG: print(e) self.return_status(self.STATUS_ERROR) session.close()
def post(self): session = self.get_session() uid = self.get_secure_cookie('uid') if uid == None: self.return_status(self.STATUS_NOT_LOGINED) else: uid = int(uid) user = get_user(session, uid) if user.power < 1: self.return_status(self.STATUS_PERMISSION_DENIED) else: try: app_id = int(self.get_argument('id')) order = self.get_argument('order') class_type = self.get_argument('class_type') description = self.get_argument('description') if app_id == -1: instance = ApplicationQuestion(order=order, class_type=class_type, description=description, status=1) db_insert(session, instance) else: for row in session.query(ApplicationQuestion).filter( ApplicationQuestion.id == app_id): row.order = order row.class_type = class_type row.description = description session.commit() self.return_status(self.STATUS_SUCCESS) except Exception as e: if DEBUG: print(e) self.return_status(self.STATUS_ERROR) session.close()
def post(self): session = self.get_session() uid = self.get_secure_cookie('uid') if uid == None: self.return_status(self.STATUS_NOT_LOGINED) else: uid = int(uid) user = get_user(session, uid) if user.power < 1: self.return_status(self.STATUS_PERMISSION_DENIED) else: try: poll_id = int(self.get_argument('id')) order = self.get_argument('order') year = self.get_argument('year') subject = self.get_argument('subject') body = self.get_argument('body') if poll_id != -1: for row in session.query(Poll).filter(and_(Poll.id == poll_id, Poll.status == 1)): row.order = order row.year = year row.subject = subject row.body = body session.commit() else: instance = Poll(order = order, year = year, subject = subject \ , body = body, status = 1) db_insert(session, instance) self.return_status(self.STATUS_SUCCESS) except Exception as e: if DEBUG: print(e) self.return_status(self.STATUS_ERROR) session.close()
def post(self): session = self.get_session() uid = self.get_secure_cookie('uid') if uid == None: self.return_status(self.STATUS_NOT_LOGINED) else: uid = int(uid) user = get_user(session, uid) if user.power < 1: self.return_status(self.STATUS_PERMISSION_DENIED) else: try: qa_id = int(self.get_argument('id')) order = self.get_argument('order') question = self.get_argument('question') answer = self.get_argument('answer') if qa_id != -1: for row in session.query(Qa).filter( and_(Qa.id == qa_id, Qa.status == 1)): row.order = order row.question = question row.answer = answer session.commit() else: instance = Qa(order = order, question = question \ , answer = answer, status = 1) db_insert(session, instance) self.return_status(self.STATUS_SUCCESS) except Exception as e: if DEBUG: print(e) self.return_status(self.STATUS_ERROR) session.close()
def post(self): session = self.get_session() try: mail = self.get_argument('mail') password = self.get_argument('password') hashed = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt()) # password = hashlib.md5(self.get_argument('password').encode('utf-8')).hexdigest() # Check email format if not re.match( r'^[A-Za-z0-9\.\+_-]+@[A-Za-z0-9\._-]+\.[a-zA-Z]*$', mail): self.return_status(self.STATUS_WRONG) else: # Check if this mail be registered or not uid = None for row in session.query(User).filter(User.mail == mail): uid = row.id if uid: self.return_status(self.STATUS_FAILED) else: instance = User(mail = mail, password = str(hashed), power = -1 \ , rule_test = 0, pre_test = 0, signup_status = 0) db_insert(session, instance) for row in session.query(User).filter(User.mail == mail): lastrowid = row.id token = uuid4() instance = AuthToken(uid=lastrowid, token=token) db_insert(session, instance) instance = UserData(uid=lastrowid, gender=1, school_type=1) db_insert(session, instance) url = 'http://%s/spt/register/?id=%s&token=%s' % ( Config.HOST, lastrowid, str(token)) with open('mail_template/register.mail') as f: plain_content = f.read() % url with open('mail_template/register.html') as f: html_content = f.read() % (url, url) smtp = SMTPMail() smtp.send(mail, '[2017 資訊之芽] 註冊帳號確認信', plain_content, html_content) self.return_status(self.STATUS_SUCCESS) except Exception as e: if DEBUG: print(e) self.return_status(self.STATUS_ERROR) session.close()
def post(self): session = self.get_session() uid = self.get_secure_cookie('uid') if uid == None: self.return_status(self.STATUS_NOT_LOGINED) else: uid = int(uid) user = get_user(session, uid) if user.power < 1: self.return_status(self.STATUS_PERMISSION_DENIED) else: try: qid = int(self.get_argument('id')) order = self.get_argument('order') description = self.get_argument('description') options = {} for arg in self.request.arguments: obj = re.match(r'options\[(\d+?)\]\[(.+?)\]', arg) if obj: idx = obj.groups()[0] val = obj.groups()[1] options[idx] = options.get(idx, {}) options[idx][val] = self.get_argument(arg) if qid == -1: instance = RuleQuestion(order=order, description=description, status=1) db_insert(session, instance) # maybe race condition for get insert lastrowid for row in session.query(RuleQuestion).order_by( RuleQuestion.id.desc()).limit(1): qid = row.id else: # clear old optionss for row in session.query(RuleAnswer).filter( RuleAnswer.qid == qid): row.status = 0 session.commit() for row in session.query(RuleQuestion).filter( RuleQuestion.id == qid): row.order = order row.description = description session.commit() for key in options: option = options[key] instance = RuleAnswer(qid=qid, description=option['answer'], status=1, is_answer=1 if ('is_answer' in option) else 0) db_insert(session, instance) self.return_status(self.STATUS_SUCCESS) except Exception as e: if DEBUG: print(e) self.return_status(self.STATUS_ERROR) session.close()