def index():
error = utils.errormessage(request.args.get('error'))
if not users.loggedin():
return render_template("login.html", error=error)
exercises = ''
if not (users.userlevel() > 1):
exercises = contents.usersExercises(users.userid())
return render_template("index.html",
exercises=exercises,
username=users.username(),
exercisetypes=contents.exercisetypes(),
error=error)
else:
exercises = contents.allExercises()
return render_template("indexadmin.html",
exercises=exercises,
username=users.username(),
exercisetypes=contents.exercisetypes(),
error=error)
def addinfo(username):
user_id = users.user_id()
s_username = users.username()
if user_id == 0 or s_username != username:
return render_template(
"rules.html",
message='Sinulla ei ole oikeutta lisätä tietoa tähän profiiliin!',
additional=error_redirect)
return render_template("addinfo.html", username=username)
def deleteinfo(username, info_id):
user_id = users.user_id()
s_username = users.username()
if user_id == 0 or s_username != username:
return render_template(
"rules.html",
message='Sinulla ei ole oikeutta muokata tämän profiilin tietoja!',
additional=error_redirect)
users.delete_info(info_id)
return redirect("/profile/" + str(username))
def allow_reject_user_group(action, group_id, username):
if action == "accept" and groups.accept_user_to_group(group_id, username):
return redirect("/groups/" + str(group_id))
if action == "reject" and groups.reject_user_from_group(
group_id, username):
return redirect("/groups/" + str(group_id))
if action == "remove" and groups.remove_member_from_group(
group_id, username):
if username == users.username():
return redirect("/groups")
return redirect("/groups/" + str(group_id))
def submiteditinfo(username, info_id):
if users.token() != request.form["csrf_token"]:
abort(403)
user_id = users.user_id()
s_username = users.username()
if user_id == 0 or s_username != username:
return render_template(
"rules.html",
message='Sinulla ei ole oikeutta muokata tämän profiilin tietoja!',
additional=error_redirect)
about = request.form["about"]
info = request.form["info"]
users.update_info(info_id, about, info)
return redirect("/profile/" + str(username))
def editinfo(username, info_id):
user_id = users.user_id()
s_username = users.username()
if user_id == 0 or s_username != username:
return render_template(
"rules.html",
message='Sinulla ei ole oikeutta muokata tämän profiilin tietoja!',
additional=error_redirect)
user_info = users.get_info(info_id)
return render_template("editinfo.html",
username=username,
about=user_info[0],
info=user_info[1],
info_id=info_id)
def sendinfo(username):
if users.token() != request.form["csrf_token"]:
abort(403)
user_id = users.user_id()
s_username = users.username()
if user_id == 0 or s_username != username:
return render_template(
"rules.html",
message='Sinulla ei ole oikeutta lisätä tietoa tähän profiiliin!',
additional=error_redirect)
about = request.form["about"]
info = request.form["info"]
users.add_info(user_id, about, info)
return redirect("/profile/" + str(username))
def profile():
if "user_id" in session:
if request.method == "GET":
user_id = users.user_id()
username = users.username()
return render_template("profile.html", username=username)
if request.method == "POST":
checkpoint_id = request.form["checkpoint_id"]
checkpoint_name = checkpoints.get_checkpoint_name(checkpoint_id)
file = request.files["file"]
name = file.filename
if not name.endswith(".jpg"):
checkpointsList = checkpoints.get_checkpoints()
return render_template("perform.html",
message="Please submit a jpg!",
checkpointsList=checkpointsList)
data = file.read()
if len(data) > 100 * 1024:
checkpointsList = checkpoints.get_checkpoints()
return render_template("perform.html",
message="File size too large!",
checkpointsList=checkpointsList)
user_id = users.user_id()
username = users.username()
checkpoints.perform_checkpoint(data, user_id, checkpoint_id)
return render_template(
"profile.html",
username=username,
message="You successfully performed your checkpoint!")
else:
return render_template("login.html",
message="Please log in to view your profile!")
def profile(username):
getuser = users.username()
admin = users.admin()
if username != getuser and admin == 0:
return render_template(
"rules.html",
message='Sinulla ei ole oikeutta nähdä profiilisivua!',
additional=error_redirect)
user_id = users.user_id_db(username)[0]
own_messages = messages.get_users_messages(user_id)
own_info = users.get_all_info(user_id)
return render_template("profile.html",
user=username,
messages=own_messages,
infos=own_info)
def remove_member_from_group(group_id, username):
# If user is groups admin (first member), user is able to remove other users from group
if users.is_group_admin(
group_id) or users.is_admin() or users.username() == username:
sql = """UPDATE groups
SET members=array_remove(members,(SELECT id FROM users WHERE username=:username))
WHERE id=:group_id"""
db.session.execute(sql, {"username": username, "group_id": group_id})
db.session.commit()
sql = "SELECT array_length(members,1) FROM groups WHERE id=:group_id"
result = db.session.execute(sql, {"group_id": group_id})
length = result.fetchone()[0]
print("Length of array : " + str(length))
if length < 1:
sql = "UPDATE groups SET visible=false WHERE id=:group_id"
db.session.execute(sql, {"group_id": group_id})
db.session.commit()
return True
return False