def create_client():
user = get_user(session["userdata"]["id"])
print(user.id)
form = OAuth2ClientCreationForm()
if form.validate_on_submit() and form.submit.data:
client = OAuth2Client(client_name = form.client_name.data,
client_uri = form.client_uri.data,
scope = form.scope.data,
redirect_uri = form.redirect_uri.data,
grant_type = form.grant_type.data,
response_type = form.response_type.data,
token_endpoint_auth_method = form.token_endpoint_auth_method.data,
user_id = user.id
)
client.client_id = gen_salt(24)
if client.token_endpoint_auth_method == 'none':
client.client_secret = ''
else:
client.client_secret = gen_salt(48)
db.session.add(client)
db.session.commit()
flash("Successfully created oauth client!")
return redirect("oauth2/create_client")
# create client form validation + processing
return render_custom_template('oauth2/create_client.html',
clientForm = form)
def authorize():
user = get_user(session["userdata"]["id"])
form = OAuth2AuthForm()
if request.method == 'POST' and form.submit:
return authorization.create_authorization_response(grant_user=user)
else:
grant = authorization.validate_consent_request(
end_user=user)
return render_custom_template('oauth2/authorize.html', user=user,
grant=grant,
authForm=form)
def delete_score(student_username, contest_id):
user = get_user(session["userdata"]["id"])
student = Student.query.filter_by(username=student_username).first()
contest = Contest.query.get(contest_id)
if not contest or (user.school != student.school):
return json_response({}, 400)
scores = Score.query.filter_by(student_id=student.id,
contest_id=contest.id)
scores.delete()
db.session.commit()
return json_response({}, 200)
def addStudents():
user = get_user(session["userdata"]["id"])
studentForm = NewStudentForm()
school = user.school
# list of divisions that a school participates in
schools_divisions = school.getDivisionsList()
school_teams_list = []
for team in school.teams:
formatted_name = '{} ({})'.format(team.name, team.division.name)
school_teams_list.append((team.id, formatted_name))
school_teams_list += [(-1*division.id, division.name + ' Alternate') for division in schools_divisions]
studentForm.team.choices = school_teams_list
if studentForm.validate_on_submit() and studentForm.submit.data:
team_id = studentForm.team.data
newStudentTeamId = None
newStudentDivisionId = None
if team_id < 0:
newStudentDivisionId = team_id * -1
else:
newStudentTeamId = team_id
# TODO - make this query less
team = Team.query.filter_by(id=team_id).first()
print(team)
newStudentDivisionId = team.division_id
newStudent = Student(first=studentForm.first.data,
last= studentForm.last.data,
graduation_year=2023
)
newStudent.school = school
newStudent.division_id = newStudentDivisionId
newStudent.team_id = newStudentTeamId
db.session.add(newStudent)
db.session.commit()
flash("Student successfully added!")
return redirect("/students/manage")
return render_custom_template("core/students/add_student.html",
title="Add a student",
studentForm = studentForm
)
def list_students():
contest_id = request.args.get('contest_id')
team_id = request.args.get('team_id')
user = get_user(session["userdata"]["id"])
school = user.school
contest = Contest.query.filter_by(id=contest_id).first()
team = Team.query.filter_by(id=team_id).first()
if not (contest and user and team) or (team.school != school) or (
contest.division != team.division):
return json_response(0, 400)
studentsQuery = Student.query.filter_by(school_id=school.id,
division_id=contest.division.id)
student_usernames = [
student.username for student in studentsQuery
if student.isValidParticipant(contest=contest, team=team)
]
return json_response(student_usernames, 200)
def update_scores(contest_id, team_id):
user = get_user(session["userdata"]["id"])
school = user.school
contest = Contest.query.filter_by(id=contest_id).first()
team = Team.query.filter_by(id=team_id).first()
if not (contest and user and team) or (team.school != school) or (
contest.division != team.division):
flash(
"Unspecified Error (Tell the admin to fix the application the application)"
)
return redirect("/")
studentsQuery = Student.query.filter_by(school_id=school.id,
division_id=contest.division.id)
students = [
student for student in studentsQuery
if student.isValidParticipant(contest=contest, team=team)
]
return render_custom_template("core/scores/update.html",
user=user,
contest=contest,
students=students,
team=team)
def show_students():
user = get_user(session["userdata"]["id"])
students = user.school.students
return render_custom_template("core/students/manage.html",
students=students)
def authenticate_user(self, authorization_code):
return get_user(authorization_code.id)
def authenticate_user(self, credential):
return get_user(credential.user_id)
def view_clients():
user = get_user(session["userdata"]["id"])
clients = OAuth2Client.query.filter_by(user_id=user.id).all()
return jsonify([(client.client_info, client.client_metadata) for client in clients]
)
def add_score():
response_data = {}
req_json = request.get_json()
if not req_json:
response_data["message"] = "Invalid data format!"
return json_response(response_data, 400)
user = get_user(session["userdata"]["id"])
contest_id = req_json.get("contest_id")
team_id = req_json.get("team_id")
student_display_name = req_json.get("student_display_name")
scores_json = req_json.get("scores")
scores = {}
# transform it into integer-keys
if scores_json:
for score in scores_json:
try:
scores[int(score)] = scores_json[score]
except ValueError:
response_data["message"] = "Invalid data format"
return json_response(response_data, 400)
# scores - dict of scores ie {1:0, 2:1}
contest = Contest.query.filter_by(id=contest_id).first()
team = Team.query.filter_by(id=team_id).first()
student = Student.query.filter_by(username=student_display_name).first()
if not (contest_id and team_id and student_display_name and user):
response_data["message"] = "Not enough data provided!"
return json_response(response_data, 400)
if not (contest and team and student):
response_data["message"] = "Invalid contest team or student"
return json_response(response_data, 400)
userIsCoach = user.school and user.school == team.school
isPossibleMember = (not student.team and student.school
== team.school) or student.team == team
if not (userIsCoach and isPossibleMember):
response_data["message"] = "You cannot manage this group!"
return json_response(response_data, 403)
# make sure the key values are [1->n+1)
expected_keys = [i for i in range(1, contest.getQuestionCount() + 1)]
if scores and sorted(list(scores.keys())) == expected_keys:
teamScoresQuery = Score.query.filter_by(contest_id=contest_id,
team_id=team_id)
studentScoresQuery = Score.query.filter_by(contest_id=contest_id,
student_id=student.id)
if studentScoresQuery.count() != 0:
# if the scores need be updated
for oldScoreObject in studentScoresQuery:
question_num = oldScoreObject.getQuestionNum()
question_points = min(oldScoreObject.getMaxPoints(),
scores[question_num])
oldScoreObject.points_awarded = question_points
db.session.commit()
response_data[
"message"] = "Student already had scores and they were instead updated"
return json_response(response_data, 200)
# if the full data set is already submitted:
if teamScoresQuery.count(
) >= contest.getQuestionCount() * contest.getTeamSize():
response_data[
"message"] = "There appears to already be a full dataset submitted!"
return json_response(response_data, 400)
else:
for question_num in scores:
newScoreObject = Score(question_num=question_num,
points_awarded=scores[question_num],
timestamp=datetime.utcnow(),
contest_id=contest_id,
team_id=team_id,
coach_id=user.id,
student_id=student.id)
db.session.add(newScoreObject)
db.session.commit()
else:
# formatting incorrect for keys:
response_data["message"] = "Keys don't match expected format!"
return json_response(response_data, 400)
response_data["status"] = 1
return json_response(response_data, 200)