def get(self, league_id: int): session = create_session() league = get_league(session, league_id) if league.have_permission(current_user): d = league.to_dict() else: d = league.to_secure_dict() return jsonify({'league': d})
def tournament_page(tour_id): session = create_session() tour = session.query(Tournament).get(tour_id) if not tour: abort(404) return render_template("tournament.html", tour=tour, menu=make_menu(session, tour_id=tour_id))
def get(self, game_id): session = create_session() game = get_game(session, game_id) if game.have_permission(current_user): d = game.to_dict() else: d = game.to_short_dict() return jsonify({'game': d})
def users_page(page=1): if current_user.role < 3: abort(403) session = create_session() current_page = paginate(session.query(User), page, 30) return render_template('users.html', title='Users', current_page=current_page)
def delete(self, tour_id): session = create_session() tour = get_tour(session, tour_id) if not tour.have_permission(current_user): abort(403, message="Permission denied") session.delete(tour) session.commit() return jsonify({'success': 'ok'})
def game_console(game_id): session = create_session() game = session.query(Game).get(game_id) if not game: abort(404) if not game.have_permission(current_user): abort(403) return render_template("game_console.html", game=game)
def user_page(user_id): session = create_session() user = session.query(User).filter(User.id == user_id).first() if not user: abort(404) if user.role > current_user.role: abort(403) return render_template('user.html', title=user.nickname, user=user)
def team_request(tour_id: int): form = TeamForm() session = create_session() tour = session.query(Tournament).get(tour_id) if not tour: abort(404) try: if form.validate_on_submit(): # Validate posted data team = Team().fill( name=form.name.data, motto=form.motto.data, trainer_id=current_user.id, tournament_id=tour.id, ) emails = set() vk_uids = [] for field in form.players.entries: # Check playes email = field.data.lower() if email in emails: field.errors.append("Участник указан несколько раза") raise ValidationError emails.add(email) user = session.query(User).filter(User.email == email).first() if not user: field.errors.append("Пользователь не найден.") raise ValidationError team.players.append(user) if user.integration_with_VK: vk_uids.append(user.id) session.add(team) session.commit() # Send notifications to players msg = Message(subject='Участие в турнире MatBoy', recipients=list(emails), sender=config.MAIL_DEFAULT_SENDER, html=render_template('mails/email/invite_team.html', team=team, tour=tour)) thr_email = Thread(target=send_message, args=[msg]) thr_vk = Thread(target=bot.notification_message, args=[ render_template('mails/vk/invite_team.vkmsg', team=team, tour=tour), vk_uids ]) thr_email.start() thr_vk.start() return redirect(team.link) except ValidationError: pass return render_template("team_request.html", tour=tour, form=form, menu=make_menu(session, tour_id=tour_id, now='Командная заявка'))
def post(self): args = self.parser.parse_args() session = create_session() topic = Topic( title=args['title'], ) session.add(topic) session.commit() return jsonify({'success': 'OK'})
def delete(self, team_id): """Sets the status of team to zero. Thats mean that the team request was refused""" session = create_session() team = get_team(session, team_id) if not team.have_permission(current_user): abort(403, message="Permission denied") team.status = 0 session.merge(team) session.commit() return jsonify({'success': 'ok'})
def topic_delete(topic_id): if current_user.role < 3: abort(403) session = create_session() topic = session.query(Topic).filter(Topic.id == topic_id).first() if not topic: abort(404) session.delete(topic) session.commit() return redirect('/')
def delete_tour(id): """Use it if only if user haven't relations""" session = create_session() tour = session.query(Tournament).get(id) if not tour: print("Tour not found") return session.delete(tour) session.commit() print(repr(tour), "now deleted")
def league_page(tour_id, league_id): session = create_session() league = session.query(League).get(league_id) if not (league and league.check_relation(tour_id)): abort(404) return render_template("league.html", league=league, menu=make_menu(session, tour_id=tour_id, league_id=league_id))
def disintegration(): if request.method == 'GET': return render_template('vk/vk_disintegration.html') session = create_session() user = session.query(User).get(current_user.id) user.vk_id = 0 user.integration_with_VK = False user.vk_notifications = False session.commit() return jsonify({"success": "ok"})
def post(self): args = self.parser.parse_args() session = create_session() subtopic = SubTopic( title=args['title'], topic_id=args['topic_id'] ) session.add(subtopic) session.commit() return jsonify({'success': 'OK'})
def delete(self, game_id): """Sets the status of game to zero. Thats mean that the game is canceled""" session = create_session() game = get_game(session, game_id) if not game.have_permission(current_user): abort(403) game.status = 0 session.merge(game) session.commit() return jsonify({"success": "ok"})
def login_page(): form = LoginForm() try: # Try login user using vk args = request.args uid, hash_st = args.get('uid'), args.get('hash') if uid and hash_st: # Check security if md5( (config.CLIENT_ID + uid + config.VK_SECRET_KEY).encode('utf-8')).hexdigest() != hash_st: raise ValidationError("Not valide vk hash") session = create_session() try: user = session.query(User).filter( User.vk_id == int(args.get('uid'))).first() except ValueError: raise ValidationError("Not valid uid") if not user: flash('Пользователь не найден', "error") raise ValidationError("User not found") login_user(user, remember=True) return back_redirect() except ValidationError: return redirect("/login?comefrom={}".format( request.args.get("comefrom", "/"))) if form.validate_on_submit(): session = create_session() user = session.query(User).filter( User.email == form.email.data).first() if not user: form.email.errors.append( "Пользователь с таким e-mail не зарегестрирован") elif not user.check_password(form.password.data): form.password.errors.append("Неправильный пароль") else: login_user(user, remember=True) return back_redirect() return render_template("login.html", form=form)
def upgrade(user_id): session = create_session() user = session.query(User).filter(User.id == user_id).first() if not user or user.role >= 3: abort(404) if current_user.role < 3: abort(403) user.role += 1 session.merge(user) session.commit() return redirect(f'/user/{user_id}')
def league_console(league_id: int): """Web page for manage league""" session = create_session() league = session.query(League).get(league_id) if not league: abort(404) if not league.have_permission(current_user): abort(403) return render_template("league_console.html", league=league)
def subtopic_delete(topic_id, subtopic_id): if current_user.role < 2: abort(403) session = create_session() subtopic = session.query(SubTopic).filter( SubTopic.id == subtopic_id, SubTopic.topic_id == topic_id).first() if not subtopic: abort(404) session.delete(subtopic) session.commit() return redirect('/')
def game_page(tour_id, league_id, game_id): session = create_session() game = session.query(Game).get(game_id) if not (game and game.check_relation(tour_id, league_id)): abort(404) return render_template("game.html", game=game, menu=make_menu(session, tour_id=tour_id, league_id=league_id, game_id=game_id))
def tournament_console(tour_id: int): """Web page for manage tournament""" session = create_session() tour = session.query(Tournament).get(tour_id) if not tour: abort(404) # If user haven't access to tournament if not tour.have_permission(current_user): abort(403) return render_template("tournament_console.html", tour=tour)
def put(self, user_id: int): args = self.put_pars.parse_args() session = create_session() user = get_user(session, user_id) if current_user != user and not current_user.is_admin: abort(403) if args['vk_id'] is not None: # integrate user with vk user.vk_id = args['vk_id'] user.integration_with_VK = True session.commit() return jsonify({"success": "ok"})
def post(self): args = self.parser.parse_args() session = create_session() comment = Comment( author_id=args['author_id'], post_id=args['post_id'], text=args['text'] ) session.add(comment) session.commit() return jsonify({'success': 'OK'})
def team_page(team_id, tour_id): session = create_session() team = session.query(Team).get(team_id) if not (team and team.check_relation(tour_id)): abort(404) return render_template("team.html", team=team, menu=make_menu( session, tour_id=tour_id, team_id=team_id, ))
def delete(self, post_id): """Deleting a post by id""" session = create_session() post = session.query(Post).filter(Post.id == post_id).first() if not post.have_permission(current_user): abort(403) if post: session.delete(post) session.commit() return jsonify({"success": "ok"}) else: abort(404, message="Post not found")
def post(self): args = self.parser.parse_args() session = create_session() post = Post( title=args['title'], subtopic_id=args['subtopic_id'], author_id=args['author_id'], lvl_access=args['lvl_access'], ) session.add(post) session.commit() return jsonify({'success': 'OK'})
def user_page(user_id): session = create_session() user = session.query(User).get(user_id) edit_password_form = EditPassword() edit_email_form = EditEmail() if not user: abort(404) return render_template("profile.html", user=user, edit_password_form=edit_password_form, edit_email_form=edit_email_form, menu=make_menu(session, user_id=user_id))
def edit_password(): """Function for changing password from personal account""" edit_password_form = EditPassword() if edit_password_form.validate_on_submit(): session = create_session() password = edit_password_form.password.data user = session.query(User).get(current_user.id) user.set_password(password) session.commit() return make_response(jsonify({'success': 'ok'}), 200) else: return make_response(jsonify(edit_password_form.errors), 400)
def change_password(): form = ChangePasswordForm() if form.validate_on_submit(): session = create_session() current_user.set_password(form.new_password.data) session.merge(current_user) session.commit() return redirect(f'/user/{current_user.id}') return render_template('change_password.html', title='Change password', form=form, title_form='Change password')