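def delete_report_redirect():
    """Delete the report named by the ``id`` query parameter (admin only).

    An admin is redirected to ``administration`` after the delete. A
    logged-in non-admin is flagged as banned and, like every other caller,
    redirected to ``index``.
    """
    # .get() keeps a session without a 'log_in' key on the logged-out path
    # instead of raising KeyError. The == True comparison is kept so no
    # additional values start counting as "logged in".
    if session.get('log_in') == True:
        user_id = session['uuid']
        if User.is_admin(user_id):
            # NOTE(review): the id is read from the query string, so this
            # destructive action is driven by URL parameters. Nothing visible
            # here checks the HTTP method or a CSRF token -- confirm the route
            # is POST-only and CSRF-protected.
            report_id = request.args['id']
            Report.delete(report_id)
            return redirect(url_for('administration'))
        # NOTE(review): the ban is a side effect of merely requesting this
        # route as a non-admin. Without CSRF protection a forged cross-site
        # request could get a legitimate user banned; consider answering 403
        # and logging the attempt instead. The session is not cleared here,
        # so every handler must re-check the 'banned' flag itself.
        User.update(user_id, 'banned', True)
    return redirect(url_for('index'))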
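def userdashboard():
    """Render the dashboard of the logged-in user.

    Collects the user's reports by status (0, 1, -1 are passed to the
    template as pending, accepted and rejected), the report count and the
    chat history, then renders ``userdashboard.html``. Callers that are not
    logged in are redirected to ``index``.
    """
    # .get() treats a session without the key as logged out instead of
    # raising KeyError.
    if session.get('log_in') == True:
        _id = session['uuid']
        pending = Report.get_report_status_per_user(_id, 0)
        accepted = Report.get_report_status_per_user(_id, 1)
        rejected = Report.get_report_status_per_user(_id, -1)
        reportCount = get_reports_per_user_count(_id)
        history = get_chat_messages(_id)
        # assumes get_chat_messages returns an indexable whose first element
        # is the sized message collection -- TODO confirm; an empty result
        # would raise IndexError here.
        first_thread = history[0]
        usernames = get_username_from_messages(first_thread)
        length = len(first_thread)
        # NOTE(review): the 'banned' flag is not consulted here, so a user
        # banned mid-session still sees the dashboard -- confirm intended.
        return view.render_template(
            view='userdashboard.html',
            pending=pending,
            accepted=accepted,
            rejected=rejected,
            reportCount=reportCount,
            history=history,
            usernames=usernames,
            length=length,
        )
    return redirect(url_for('index'))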
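def unlock_report():
    """Release the evaluation lock of the report named by ``id`` (admin only).

    An admin is redirected to ``administration``, whether or not the report
    was locked. A logged-in non-admin is flagged as banned and, like every
    other caller, redirected to ``index``.
    """
    # .get() treats a session without the key as logged out instead of
    # raising KeyError.
    if session.get('log_in') == True:
        _id = session['uuid']
        if User.is_admin(_id):
            # The local no longer reuses the function's own name.
            report_id = request.args['id']
            # NOTE(review): presumably get_report returns None for an unknown
            # id, which would make the subscript below raise -- confirm.
            report = Report.get_report(report_id)
            if report['locked'] == True:
                Report.update(report['reportId'], 'locked', False)
            # NOTE(review): any admin can release a lock taken by another
            # admin, and the change is driven by a query-string parameter.
            # Confirm the route is POST-only and CSRF-protected.
            return redirect(url_for('administration'))
        # NOTE(review): auto-ban on access; see the CSRF concern above, since
        # a forged request could trigger it for a legitimate non-admin user.
        User.update(_id, 'banned', True)
    return redirect(url_for('index'))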
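def calculate_score_for_user(user):
    """Return ``[username, score]`` for one user record.

    The score is the sum of ``reportScore`` over all reports owned by the
    user. Users whose ``banned`` flag is not ``False`` keep a score of 0.

    Args:
        user: mapping with at least ``banned``, ``_id`` and ``username``.
    """
    score = 0
    # Explicit comparison kept on purpose: a None flag must not be treated
    # as "not banned".
    if user['banned'] == False:
        reports = Report.find_reports_by_owner_id(user['_id'])
        # get_reports_per_user_count in this file guards against None from
        # this lookup, so do the same instead of iterating over None.
        if reports is not None:
            score = sum(int(report['reportScore']) for report in reports)
    return [user['username'], score]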
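def new_report():
    """Show the report form (GET) or register a submitted report (POST).

    Callers that are not logged in, or that use another HTTP method, are
    redirected to ``index``. Banned users get ``banned.html`` for both GET
    and POST. A POST must fill every form field (the optional
    ``reportContent`` upload aside) and stay within ``conf.REPORT_LIMIT``.
    """
    # .get() treats a session without the key as logged out instead of
    # raising KeyError.
    if session.get('log_in') != True:
        return redirect(url_for('index'))
    _id = session['uuid']
    if request.method not in ('GET', 'POST'):
        return redirect(url_for('index'))

    # The ban used to be checked on GET only, so a banned user could still
    # submit by POSTing directly. Check before handling either method.
    user = User.get_by_id(_id)
    if user['banned'] == True:
        error = "You are not allowed to add a report because you are banned!"
        return view.render_template(view='banned.html', error=error)

    if request.method == 'GET':
        return view.render_template(view='add.html', error=None)

    if check_form_empty(request.form, ignore='reportContent'):
        error = 'Please fill all the form before submiting!'
        return view.render_template(view='add.html', error=error)

    reportOwner = _id
    reportName = request.form['reportName']
    reportType = request.form['reportType']
    reportLevel = request.form['reportLevel']
    AttackVector = request.form['AttackVector']
    reportDescription = request.form['reportDescription']
    getprivilege = request.form['getprivilege']
    AttackComplexity = request.form['AttackComplexity']

    # Optional attachment; a missing part is falsy, like the original False.
    upload = request.files.get('reportContent')

    # NOTE(review): '<=' still admits a submission when the queue already
    # equals the limit -- presumably off by one if get_reports_queue counts
    # pending reports; confirm.
    if Report.get_reports_queue(_id) > conf.REPORT_LIMIT:
        error = 'Due to flooding threat every user is limited to only '+str(conf.REPORT_LIMIT)+' reports in pending queue, Sorry for the inconvenience.'
        return view.render_template(view='add.html', error=error)

    reportFile = None
    if upload:
        # NOTE(review): the allow-list sees the raw client-supplied name,
        # while the file is stored under secure_file_name's result. Confirm
        # the sanitised name is non-empty and keeps an allowed extension.
        # A name check does not validate content, and unless
        # secure_file_name adds a unique part, equal names overwrite each
        # other in the shared upload folder.
        if not allowed_file(upload.filename):
            error = "File not allowed, INC ban"
            return view.render_template(view='add.html', error=error)
        reportFile = secure_file_name(upload.filename)
        upload.save(os.path.join(os.getcwd()+conf.UPLOAD_FOLDER, reportFile))

    Report.register_report(reportOwner, reportName, reportType, reportDescription, reportLevel, AttackComplexity, AttackVector, getprivilege, reportFile)
    success = 'Reported submitted successfully!'
    return view.render_template(view='add.html', success=success)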
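def evaluate_report():
    """Open the report named by ``id`` for evaluation and lock it (admin only).

    An unlocked report is locked and rendered with ``admin_report.html``.
    For a locked report a message is flashed and the admin is redirected to
    ``administration``. A logged-in non-admin is flagged as banned and, like
    every other caller, redirected to ``index``.
    """
    # .get() treats a session without the key as logged out instead of
    # raising KeyError. The unused 'error' local was dropped.
    if session.get('log_in') == True:
        _id = session['uuid']
        if User.is_admin(_id):
            report_id = request.args['id']
            # NOTE(review): presumably get_report returns None for an unknown
            # id, which would make the subscript below raise -- confirm.
            report = Report.get_report(report_id)
            if report['locked'] == False:
                usernames = get_username(report)
                # NOTE(review): the lock is a separate read followed by a
                # write. Two admins opening the report at about the same time
                # can both see locked == False; an atomic conditional update
                # in Report would close that window. The lock is also taken
                # from a query-string request, so confirm the route's method
                # and CSRF handling.
                Report.update(report['reportId'], 'locked', True)
                return view.render_template(view='admin_report.html', report=report, usernames=usernames)
            flash("Another admin is currently evaluating!")
            return redirect(url_for('administration'))
        # NOTE(review): auto-ban on access. Without CSRF protection a forged
        # request could trigger it for a legitimate non-admin user.
        User.update(_id, 'banned', True)
    return redirect(url_for('index'))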
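def administration():
    """Render the admin dashboard.

    Gathers report and user counts, the accepted-report ratio, unviewed chat
    messages, the report lists by status and a leaderboard of non-admin
    users, then renders ``admin/admin.html``. Anyone who is not a logged-in
    admin is redirected to ``index``. Unlike the other admin handlers in
    this file, this one does not ban a non-admin.
    """
    # .get() treats a session without the key as logged out instead of
    # raising KeyError.
    if session.get('log_in') == True:
        _id = session['uuid']
        if User.is_admin(_id):
            # Totals for the summary tiles.
            countReports = Report.get_all_reports_count()
            countUsers = User.count_users()
            pendingReportsCount = Report.get_pending_reports_count()
            acceptedReportsCount = Report.get_accepted_reports_count()
            rejectedReportsCount = Report.get_rejected_reports_count()

            # Guard against division by zero when no report exists yet.
            if countReports == 0:
                acceptedReportsRatio = 0
            else:
                acceptedReportsRatio = round(acceptedReportsCount * 100 / countReports)
            currentDate = datetime.datetime.now()

            # User management view.
            allUsers = User.get_all_users()

            # Unviewed chat messages and the usernames that go with them.
            messages = Chat.get_unviewed_messages()
            usernames = get_username_from_messages(messages)
            len2 = len(usernames)

            # Report management view.
            allReports = Report.get_all_reports()
            allPending = Report.get_all_pending_reports()
            allAccepted = Report.get_all_accepted_reports()
            allRejected = Report.get_all_rejected_reports()

            # Mini leaderboard: every non-admin user, highest score first.
            Ranking = [
                calculate_score_for_user(user)
                for user in allUsers
                if user['admin'] != True
            ]
            Ranking.sort(key=lambda entry: entry[1], reverse=True)
            # len() never returns None, so the former None check was
            # unreachable and has been removed.
            length = len(Ranking)

            return view.render_template(
                view='admin/admin.html',
                countReports=countReports,
                countUsers=countUsers,
                pendingReportsCount=pendingReportsCount,
                acceptedReportsCount=acceptedReportsCount,
                rejectedReportsCount=rejectedReportsCount,
                ratio=acceptedReportsRatio,
                allReports=allReports,
                allUsers=allUsers,
                allPending=allPending,
                allAccepted=allAccepted,
                allRejected=allRejected,
                currenttime=currentDate,
                length=length,
                ranking=Ranking,
                messages=messages,
                usernames=usernames,
                len2=len2,
            )
    return redirect(url_for('index'))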
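def score_report():
    """Store an admin's score for a report and release its lock.

    Reads ``id`` and ``score`` from the submitted form. A non-zero score
    sets the report's status to 1 and a zero score sets it to -1. In both
    cases the score is stored and the lock released, after which the admin
    is redirected to ``administration``. A logged-in non-admin is flagged
    as banned and, like every other caller, redirected to ``index``.
    """
    # .get() treats a session without the key as logged out instead of
    # raising KeyError.
    if session.get('log_in') == True:
        _id = session['uuid']
        if User.is_admin(_id):
            report_id = request.form['id']
            # Parse once. A non-numeric score used to raise ValueError out of
            # the handler; now the report is left untouched.
            try:
                score = int(request.form['score'])
            except ValueError:
                flash("Invalid score value.")
                return redirect(url_for('administration'))
            # NOTE(review): any non-zero integer, negative ones included,
            # marks the report as accepted. No range check is visible and
            # nothing confirms that the report exists or that this admin
            # holds its lock -- confirm against Report.update.
            status = 1 if score != 0 else -1
            Report.update(report_id, 'reportScore', score)
            Report.update(report_id, 'status', status)
            # Release the lock last so the score and status are stored before
            # another admin can open the report.
            Report.update(report_id, 'locked', False)
            return redirect(url_for('administration'))
        # NOTE(review): auto-ban on access. Confirm this route is covered by
        # CSRF protection so a forged form post cannot ban a legitimate user.
        User.update(_id, 'banned', True)
    return redirect(url_for('index'))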
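def get_reports_per_user_count(_id):
    """Return how many reports are owned by the user ``_id``.

    Returns 0 when the lookup yields ``None``; the function used to fall
    through and return ``None`` in that case.
    """
    reports = Report.find_reports_by_owner_id(_id)
    return 0 if reports is None else len(reports)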
def get_reports(self, _id):
    """Return the result of ``Report.find_reports_by_owner_id`` for ``_id``.

    ``self`` is accepted but not used by the body.
    """
    owned_reports = Report.find_reports_by_owner_id(_id)
    return owned_reports