def add(cls,
match,
player,
team,
number,
on,
off,
reds,
yellows,
session=session):
firstname = player.split()[0]
surname = " ".join(player.split()[1:])
player = Player.from_query(firstname=firstname,
surname=surname,
session=session)
team = Team.from_query(shortname=team, session=session)
try:
position = session.query(cls).filter_by(match=match,
team=team.id,
player=player.id,
number=number).one()
except NoResultFound:
position = cls(match=match,
team=team.id,
player=player.id,
number=number,
on=on,
off=off,
reds=reds,
yellows=yellows)
session.add(position)
session.commit()
return position
def put(self, id):
assert request.json["id"] == id
transaction = transaction_schema.load(request.json, partial=True)
assert transaction.owner_id == current_user.id
current_session.add(transaction.data)
current_session.commit()
return transaction_schema.dump(transaction.data).data, 201
def post(self, video_id):
parse_args = video_end_parser.parse_args()
last_segment_id = parse_args['last_segment_id']
if not last_segment_id:
abort(400, message="Expecting last_segment_id")
return None
# check the video
video = session \
.query(Video) \
.filter(Video.video_id == video_id) \
.first()
if not video:
abort(404, message="Video (%s) doesn't exist" % video_id)
return None
video.segment_count = last_segment_id + 1
video.status = 'OK'
# generate the thumbnail
thumbnail_segment_id = int(video.segment_count / 2)
enqueue_segment_task('thumbnail', video.video_id, thumbnail_segment_id)
try:
session.add(video)
session.commit()
except:
session.rollback()
logger.error("Error persistent data: %s" % traceback.format_exc())
raise
return video
def delete_release(project_id, release_id):
"""
on post, delete the release.
on get, show a form for posting to delete it.
"""
project = project_for(project_id)
if project.user.id != current_user.id:
abort(404)
if release_id is not None:
arelease = release_for(release_id)
if arelease.project.user.id != current_user.id:
abort(404)
if request.method == 'GET' and release_id is not None:
form = ReleaseDeleteForm(obj=arelease)
else:
form = ReleaseDeleteForm()
if form.validate_on_submit():
(current_session.query(Release).filter(
Release.id == release_id).delete())
current_session.commit()
return redirect(url_for('project.releases', project_id=project.id))
return render_template('project/deleterelease.html',
form=form,
project_for=project_for,
release_for=release_for,
project_id=project_id,
release_id=release_id)
def when_user_is_registered(app, user, confirm_token):
""" we log their ip address so as to try and block spammers.
"""
remote_addr = request.remote_addr or None
user.registered_ip = remote_addr
current_session.add(user)
current_session.commit()
def _delete_service_account_key(g_cloud, service_account_id, access_key):
"""
Internal function for deleting a given key for a service account, also
removes entry from our db if it exists
"""
try:
response = g_cloud.delete_service_account_key(service_account_id,
access_key)
except Exception:
logger.debug(
"Deleting service account {} key {} from Google FAILED. Response: {}. "
"We did NOT delete it from our DB either.".format(
service_account_id, access_key, str(response)))
raise
logger.debug(
"Deleting service account {} key {} from Google succeeded. Response: {}"
.format(service_account_id, access_key, str(response)))
db_entry = (current_session.query(GoogleServiceAccountKey).filter_by(
key_id=access_key).first())
if db_entry:
current_session.delete(db_entry)
current_session.commit()
logger.info(
"Removed Google Service Account {} Key with ID: {} from Google and our DB."
.format(service_account_id, access_key))
def delete(id):
user = current_session.query(User).get(id)
if user is None:
abort(404)
current_session.delete(user)
current_session.commit()
return jsonify({'message': 'deleted user ' + str(id)})
def _create_proxy_group(user_id, username):
"""
Create a proxy group for the given user
Args:
user_id (int): unique integer id for user
username (str): unique name for user
Return:
userdatamodel.user.GoogleProxyGroup: the newly created proxy group
"""
with GoogleCloudManager() as g_cloud:
prefix = get_prefix_for_google_proxy_groups()
new_proxy_group = g_cloud.create_proxy_group_for_user(user_id,
username,
prefix=prefix)
proxy_group = GoogleProxyGroup(id=new_proxy_group["id"],
email=new_proxy_group["email"])
# link proxy group to user
user = current_session.query(User).filter_by(id=user_id).first()
user.google_proxy_group_id = proxy_group.id
current_session.add(proxy_group)
current_session.commit()
logger.info("Created proxy group {} for user {} with id {}.".format(
new_proxy_group["email"], username, user_id))
return proxy_group
def edit(link):
""" the wiki page.
"""
# TODO: we need to add users_id, parents, and keywords
page = Wiki.for_link(current_session, link)
if page is None:
# we create a new empty wiki page!
page = Wiki(link=link, title=link, latest=1)
if page.locked and not current_user.has_role('admin'):
flash('Wiki page locked.')
return current_app.login_manager.unauthorized()
form = WikiForm(obj=page)
if request.method == 'GET':
# we want people to enter in new data for this field.
form.changes.data = ''
elif request.method == 'POST':
if form.validate_on_submit():
page.new_version(current_session)
page.content = form.content.data
page.changes = form.changes.data
page.users_id = current_user.id
current_session.add(page)
current_session.commit()
delete_view_wiki_cache(link)
return redirect(url_for('wiki.index', link=page.link))
return render_template('wiki/edit.html', form=form, wiki=page)
def post(self):
parse_args = video_parser.parse_args()
new_video = Video()
new_video.title = parse_args['title']
new_video.type = 'LIVE'
new_video.status = 'EMPTY'
new_video.created_at = datetime.now()
new_video.segment_count = -1
new_video.segment_duration = 3000
new_video.repr_1 = Reprs.HIGH
new_video.repr_2 = Reprs.MEDIUM
new_video.repr_3 = Reprs.LOW
new_video.uri_mpd = None
new_video.uri_m3u8 = None
try:
session.add(new_video)
session.commit()
except:
session.rollback()
raise
return new_video, 201
def add(self, match):
"""
Add a match object to the database.
"""
tournament = session.query(Tournament).filter_by(
name=match.tournament).one()
season = session.query(Season).filter_by(tournament=tournament.id,
name=match.season).one()
home = Team.from_query(match.teams['home'].short_name)
away = Team.from_query(match.teams['away'].short_name)
try:
match = session.query(Match).filter_by(date=match.date,
home=home.id,
away=away.id,
season=season.id).one()
except NoResultFound:
match = Match(
date=match.date,
season=season.id,
home=home.id,
away=away.id,
home_score=match.score['home'],
away_score=match.score['away'],
)
session.add(match)
session.commit()
return match
def add_dict(self, match):
"""
Add a match object to the database.
"""
tournament = session.query(Tournament).filter_by(
name=match['tournament']).one()
season = session.query(Season).filter_by(tournament=tournament.id,
name=match['season']).one()
home = Team.from_query(match['home_team'])
away = Team.from_query(match['away_team'])
try:
match = session.query(Match).filter_by(date=match['date'],
home=home.id,
away=away.id,
season=season.id).one()
except NoResultFound:
date = datetime.strptime(match['date'], "%Y-%m-%d")
match = Match(
date=date,
season=season.id,
home=home.id,
away=away.id,
home_score=match['home_score'],
away_score=match['away_score'],
)
session.add(match)
session.commit()
return match
def update(cls, home, away, date, data, session=session):
date = datetime.strptime(date, "%Y-%m-%d")
home = Team.from_query(home, session).id
away = Team.from_query(away, session).id
match = session.query(Match).filter(
Match.date.between(date, date + timedelta(days=1))).filter_by(
home=home, away=away).one()
if 'date' in data:
match.date = datetime.strptime(data['date'], "%Y-%m-%d")
if ('season' in data) and ('tournament' in data):
season = Season.from_query(season=data['season'],
tournament=data['tournament'],
session=session).season_id
print(season)
match.season = int(season)
if 'home_team' in data:
match.home = Team.from_query(data['home_team'], session).id
if 'away_team' in data:
match.away = Team.from_query(data['away_team'], session).id
if 'home_score' in data:
match.home_score = float(data['home_score'])
if 'away_score' in data:
match.away_score = float(data['away_score'])
session.commit()
return rugby.data.Match(match.to_dict(session))
def post_login(self, user, token_result):
user.id_from_idp = token_result["sub"]
user.email = token_result["email"]
user.display_name = "{given_name} {family_name}".format(**token_result)
info = {}
if user.additional_info is not None:
info.update(user.additional_info)
info.update(token_result)
info.pop("fence_username", None)
info.pop("exp", None)
user.additional_info = info
current_session.add(user)
current_session.commit()
with flask.current_app.arborist.context(authz_provider="synapse"):
if config["DREAM_CHALLENGE_TEAM"] in token_result.get("team", []):
# make sure the user exists in Arborist
flask.current_app.arborist.create_user(
dict(name=user.username))
flask.current_app.arborist.add_user_to_group(
user.username,
config["DREAM_CHALLENGE_GROUP"],
datetime.now(timezone.utc) +
timedelta(seconds=config["SYNAPSE_AUTHZ_TTL"]),
)
else:
flask.current_app.arborist.remove_user_from_group(
user.username, config["DREAM_CHALLENGE_GROUP"])
def _unlink_google_account():
user_id = current_token["sub"]
g_account = (
current_session.query(UserGoogleAccount)
.filter(UserGoogleAccount.user_id == user_id)
.first()
)
if not g_account:
error_message = {
"error": "g_acnt_link_error",
"error_description": (
"Couldn't unlink account for user, no linked Google "
"account found."
),
}
_clear_google_link_info_from_session()
return error_message, 404
g_account_access = (
current_session.query(UserGoogleAccountToProxyGroup)
.filter(
UserGoogleAccountToProxyGroup.user_google_account_id == g_account.id
)
.first()
)
if g_account_access:
try:
with GoogleCloudManager() as g_manager:
g_manager.remove_member_from_group(
member_email=g_account.email,
group_id=g_account_access.proxy_group_id,
)
except Exception as exc:
error_message = {
"error": "g_acnt_access_error",
"error_description": (
"Couldn't remove account from user's proxy group, "
"Google API failure. Exception: {}".format(exc)
),
}
_clear_google_link_info_from_session()
return error_message, 400
current_session.delete(g_account_access)
current_session.commit()
current_session.delete(g_account)
current_session.commit()
# clear session and cookies so access token and session don't have
# outdated linkage info
flask.session.clear()
response = flask.make_response("", 200)
clear_cookies(response)
return response
def update(id, data):
user = current_session.query(User).get(id)
if user is None:
abort(404)
for key in data.keys():
setattr(user, key, data[key])
current_session.commit()
return jsonify(**user.to_dict())
def add(cls, name, score=None, session=session):
try:
event_type = session.query(cls).filter_by(name=name).one()
except NoResultFound:
event_type = EventType(name=name, score=score)
session.add(event_type)
session.commit()
return event_type
def save_task(self):
try:
current_session.add(self)
current_session.commit()
except (Exception, ) as e:
current_session.rollback()
raise Exception(e)
return True
def commit():
try:
current_session.commit()
except Exception as e:
current_session.rollback()
raise e
finally:
current_session.close()
def login_user(username, provider, fence_idp=None, shib_idp=None, email=None):
"""
Login a user with the given username and provider. Set values in Flask
session to indicate the user being logged in. In addition, commit the user
and associated idp information to the db.
Args:
username (str): specific username of user to be logged in
provider (str): specfic idp of user to be logged in
fence_idp (str, optional): Downstreawm fence IdP
shib_idp (str, optional): Downstreawm shibboleth IdP
email (str, optional): email of user (may or may not match username depending
on the IdP)
"""
def set_flask_session_values(user):
"""
Helper fuction to set user values in the session.
Args:
user (User): User object
"""
flask.session["username"] = user.username
flask.session["user_id"] = str(user.id)
flask.session["provider"] = user.identity_provider.name
if fence_idp:
flask.session["fence_idp"] = fence_idp
if shib_idp:
flask.session["shib_idp"] = shib_idp
flask.g.user = user
flask.g.scopes = ["_all"]
flask.g.token = None
user = query_for_user(session=current_session, username=username)
if user:
_update_users_email(user, email)
# This expression is relevant to those users who already have user and
# idp info persisted to the database. We return early to avoid
# unnecessarily re-saving that user and idp info.
if user.identity_provider and user.identity_provider.name == provider:
set_flask_session_values(user)
return
else:
if email:
user = User(username=username, email=email)
else:
user = User(username=username)
idp = (current_session.query(IdentityProvider).filter(
IdentityProvider.name == provider).first())
if not idp:
idp = IdentityProvider(name=provider)
user.identity_provider = idp
current_session.add(user)
current_session.commit()
set_flask_session_values(user)
def new_comment(project_id):
""" Post a comment on this project.
"""
form = ProjectCommentForm()
if form.validate_on_submit():
project = project_for(project_id)
author = CommentAuthor.from_user(current_session, current_user)
parent_id = int(form.parent_id.data) if form.parent_id.data else None
thread_id = int(form.thread_id.data) if form.thread_id.data else None
# we have proxy fix for remote_addr.
ip_address = request.remote_addr
created_at = datetime.datetime.now()
# hardcoded pygame forum id.
category = '796386'
forum = 'pygame'
title = project.title
link = f'https://pygame.org/project/{project_id}/'
id_text = f'pygame_project_{project_id}'
message = form.message.data
message = message if '<p>' not in message else f'<p>{message}</p>'
if not thread_id:
thread = CommentThread(
id_text=id_text,
forum=forum,
category=category,
link=link,
title=title,
ip_address=ip_address,
author=author,
created_at=created_at,
is_closed=False,
is_deleted=False,
)
current_session.add(thread)
post = CommentPost(author=author,
parent_id=parent_id,
message=sanitize_html(message),
ip_address=ip_address,
created_at=created_at,
is_deleted=False,
is_spam=False)
if classify_comment(post) == 'spam':
post.is_spam = True
if thread_id is None:
post.thread = thread
else:
post.thread_id = thread_id
current_session.add(post)
current_session.commit()
return redirect(url_for('project.view', project_id=project_id))
def put(self, id):
assert request.json["id"] == id
account = account_schema.load(request.json, partial=True)
assert account.owner_id == current_user.id
current_session.add(account.data)
current_session.commit()
return account_schema.dump(account.data).data, 201
def new_project():
""" This adds both a project, and a release.
"""
form = FirstReleaseForm()
if form.validate_on_submit():
now = datetime.datetime.now()
user = current_user
project = Project(
title=form.title.data,
summary=form.summary.data,
description=form.description.data,
uri=form.uri.data,
datetimeon=now,
user=user,
youtube_trailer=form.youtube_trailer.data,
github_repo=form.github_repo.data,
patreon=form.patreon.data,
)
tags = [t.lstrip().rstrip() for t in form.tags.data.split(',')]
if '' in tags:
tags.remove('')
for value in tags:
tag = Tags(project=project, value=value)
current_session.add(tag)
release = Release(datetimeon=now,
description=form.description.data,
srcuri=form.srcuri.data,
winuri=form.winuri.data,
macuri=form.macuri.data,
version=form.version.data)
project.releases.append(release)
if form.image.data is not None:
www = Path(current_app.config['WWW'])
sec_fname = secure_filename(form.image.data.filename)
extension = os.path.splitext(sec_fname)[-1]
current_session.commit()
image_fname = f'{project.id}{extension}'
project.image = image_fname
image_path = str(www / 'shots' / image_fname)
save_image(form.image, image_path)
current_session.add(project)
current_session.commit()
return redirect(url_for('project.view', project_id=project.id))
return render_template('project/newproject.html', form=form)
def edit_project(project_id):
project = project_for(project_id)
if project.user.id != current_user.id:
abort(404)
if request.method == 'GET':
form = ProjectForm(obj=project)
form.tags.data = ','.join([t.value for t in project.tags])
form.image.data = ''
else:
form = ProjectForm()
if form.validate_on_submit():
project.title = form.title.data
project.summary = form.summary.data
project.description = form.description.data
project.uri = form.uri.data
project.datetimeon = datetime.datetime.now()
project.youtube_trailer = form.youtube_trailer.data
project.github_repo = form.github_repo.data
project.patreon = form.patreon.data
for tag in (current_session.query(Tags).filter(
Tags.project_id == project.id).all()):
current_session.delete(tag)
tags = [t.lstrip().rstrip() for t in form.tags.data.split(',')]
if '' in tags:
tags.remove('')
for value in tags:
tag = Tags(project=project, value=value)
current_session.add(tag)
current_session.add(project)
current_session.commit()
if form.image.data is not None:
www = Path(current_app.config['WWW'])
sec_fname = secure_filename(form.image.data.filename)
extension = os.path.splitext(sec_fname)[-1]
image_fname = f'{project.id}{extension}'
project.image = image_fname
current_session.add(project)
image_path = str(www / 'shots' / image_fname)
save_image(form.image, image_path)
current_session.commit()
return redirect(url_for('project.view', project_id=project.id))
return render_template('project/editproject.html',
form=form,
project_id=project_id)
def list_player_simulations():
simulations = (
current_session.query(models.PlayerSimulation)
.order_by(models.PlayerSimulation.run_time.desc())
)
load_all = flask.request.args.get('all', False)
if not load_all:
simulations = simulations.limit(50)
form = PlayerSimulationForm()
form.profile_id.choices = [
(profile.id, str(profile))
for profile in current_session.query(models.Profile)
]
if form.validate_on_submit():
form_data = form.data.copy()
form_data.pop('csrf_token', None)
profile = (
current_session.query(models.Profile)
.filter(models.Profile.id == form_data['profile_id'])
.one()
)
lookups = sim.load_lookups(current_session)
simulation = models.PlayerSimulation(
profile=profile,
iterations=form_data['iterations'],
)
current_session.add(simulation)
current_session.commit()
flask.g.q.enqueue_call(
jobs.run_one_player_sim,
kwargs=dict(
sim_id=simulation.id,
profile=profile,
score_shot_types=lookups[0],
score_points=lookups[1],
iterations=form_data['iterations']
),
)
return flask.redirect(
flask.url_for('.view_player_simulation', id=simulation.id)
)
return flask.render_template(
'list_player_simulations.html',
form=form,
simulations=simulations,
show_modal=flask.request.method == 'POST',
), 200 if flask.request.method == 'GET' else 400
def cancel_request_by_id(request_id):
waiting_pages = db_session.query(Page).filter(Page.request_id == request_id) \
.filter(Page.state.in_([PageState.CREATED, PageState.WAITING, PageState.PROCESSING]))\
.all()
timestamp = datetime.datetime.utcnow()
for page in waiting_pages:
page.state = PageState.CANCELED
page.finish_timestamp = timestamp
db_session.commit()
def remove(cls, home, away, date, session=session):
date = datetime.strptime(date, "%Y-%m-%d")
home = Team.from_query(home, session).id
away = Team.from_query(away, session).id
match = session.query(Match).filter(
Match.date.between(date, date + timedelta(days=1))).filter_by(
home=home, away=away).one()
session.delete(match)
session.commit()
def put(self, id):
assert request.json["id"] == id
if id != current_user.id:
abort(401)
user = user_schema.load(request.json)
current_session.add(user.data)
current_session.commit()
return user_schema.dump(user.data).data, 201
def set_csrf(response):
"""
Create a cookie for CSRF protection if one does not yet exist
"""
if not flask.request.cookies.get("csrftoken"):
secure = config.get("SESSION_COOKIE_SECURE", True)
response.set_cookie("csrftoken", random_str(40), secure=secure)
if flask.request.method in ["POST", "PUT", "DELETE"]:
current_session.commit()
return response
def add(self, firstname, surname, country=None, session=session):
try:
player = session.query(Player).filter_by(firstname=firstname,
surname=surname).one()
except NoResultFound:
player = Player(firstname=firstname,
surname=surname,
country=country)
session.add(player)
session.commit()
return player
