Esempio n. 1
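def delete_user(user_id):
    """
    Delete a user.

    This page can be requested with both GET and POST methods:

    * GET: a form asking to confirm the removal of this user is returned.
    * POST: the confirmation form is checked. The user is deleted only when the form is approved and its
        ``user_id`` field matches the ID in the URL. Afterwards (even if the user was not deleted) the client
        is redirected to the management page (see :meth:`~edsudoku.server.manage_users.manage_users`).

    A non-numeric ``user_id`` form field is treated as a failed confirmation instead of raising.

    :param user_id: The user ID to be deleted.
    :type user_id: int
    :return: As explained above.
    :rtype: flask.Response
    """
    user_to_delete = User.get_by_id(user_id)
    if not user_to_delete:
        flash('User not found', 'danger')
        return redirect(url_for('manage_users'))

    if request.method == 'POST':
        # The form is client-controlled: a non-numeric value must not escape as an unhandled ValueError.
        try:
            user_id2 = int(request.form.get('user_id', -1))
        except ValueError:
            user_id2 = None

        # NOTE(review): any non-empty value counts as approval here (bool('0') and bool('false') are True).
        # Confirm the template only submits this field when the deletion was really confirmed.
        approved = bool(request.form.get('approved', False))

        # NOTE(review): no CSRF check is visible in this function; confirm the application enforces one
        # for this state-changing POST.
        if approved and user_id == user_id2:
            # Read the display name before the row is deleted and the transaction committed.
            display = user_to_delete.display
            user_to_delete.delete()
            commit()
            flash('User %s has been deleted successfully' % display, 'success')
        else:
            flash('User not deleted', 'warning')
        return redirect(url_for('manage_users'))

    user = User.get_by_id(session['user'])
    return render_template('delete_user.html', user=user, user_to_delete=user_to_delete)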
Esempio n. 2
def manage_users():
    """
    Render the user management page.

    Every user returned by ``User.query().all()`` is listed; the template offers edit and remove buttons.
    The user stored in the session is passed to the template as ``user``.

    :return: The rendered user list.
    :rtype: flask.Response
    """
    all_users = User.query().all()
    current_user = User.get_by_id(session['user'])
    context = {'users': all_users, 'user': current_user}
    return render_template('list_users.html', **context)
Esempio n. 3
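def login():
    """
    Show the login page and handle login requests.

    After a successful login the client is redirected to the ``next`` query parameter, but only when that
    value resolves to this host. Any other value falls back to the main page, so the login form cannot be
    used to bounce a freshly authenticated user to a third-party site.

    :return: The login page, or a redirect after a processed login request.
    :rtype: flask.Response
    """
    if request.method == 'POST':
        try:
            username = request.form.get('username', None)
            password = request.form.get('password', None)

            if username is None or password is None:
                flash('Invalid data', 'danger')
                return redirect(url_for('login'))

            user = User.query().filter_by(username=username).first()
            # One message for "unknown user" and "wrong password", so the response does not reveal
            # which usernames exist.
            if user is None or not user.check_password(password):
                flash('Invalid login credentials', 'danger')
            else:
                flash('You were logged in successfully!', 'success')
                session['logged_in'] = True
                session['user'] = user.id

                # ``next`` comes from the query string and is attacker-controllable: validate it.
                target = _safe_redirect_target(request.args.get('next', None))
                if target:
                    return redirect(target)
                return redirect(url_for('main_page'))
        except KeyError:
            flash('Missing username or password', 'info')
    return render_template('login.html')


def _safe_redirect_target(target):
    """
    Resolve a client-supplied redirect target against this host.

    :param target: The raw ``next`` value, or ``None``.
    :type target: str
    :return: The absolute URL to redirect to when it stays on this host with an http(s) scheme,
        otherwise ``None``.
    :rtype: str
    """
    if not target:
        return None

    # Function-scope import so the block works on both Python 2 and Python 3.
    try:
        from urllib.parse import urljoin, urlparse
    except ImportError:
        from urlparse import urljoin, urlparse

    try:
        own_host = urlparse(request.host_url)
        resolved = urljoin(request.host_url, target)
        parsed = urlparse(resolved)
    except ValueError:
        # Malformed URL (for example a broken IPv6 literal): treat as unsafe.
        return None

    if parsed.scheme in ('http', 'https') and parsed.netloc == own_host.netloc:
        # Return the resolved URL rather than the raw input, so the Location header is unambiguous.
        return resolved
    return None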
Esempio n. 4
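 def wrapped(*args, **kwargs):
     """
     Run the wrapped view only for a logged-in, existing user that holds the required permission.

     * Without a logged-in session the client is redirected to the login page, with the current URL as
       ``next``.
     * When the session refers to a user that no longer exists, the login state is dropped and the client
       is sent to the login page. Without this check a deleted account would keep access to views that
       require no permission, and permission-protected views would fail on a missing user.
     * When ``permission`` is set and the user lacks it, the client is redirected to the main page.
     """
     if not session.get("logged_in"):
         return redirect(url_for("login", next=request.url))

     user_id = session.get("user")
     current_user = User.get_by_id(user_id) if user_id is not None else None
     if not current_user:
         # Stale session: the account was removed or the session is incomplete.
         session.pop("logged_in", None)
         session.pop("user", None)
         return redirect(url_for("login", next=request.url))

     if permission is not None and not current_user.has_permission(permission):
         flash("Permission denied", "danger")
         return redirect(url_for("main_page"))

     return func(*args, **kwargs)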
Esempio n. 5
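def edit_user(user_id):
    """
    Edit a user.

    * If this page was requested with GET method, the user editing form is displayed.
    * If this page was requested with a POST method, a user editing is processed.

      * If the form was processed successfully, the user is redirected to the management page
        (see :func:`~edsudoku.server.manage_users.manage_users`).
      * If the two password fields differ, the user is redirected back to this form with a warning.

    :param user_id: The user ID to edit.
    :type user_id: int
    :return: As explained above.
    :rtype: flask.Response
    """
    user = User.get_by_id(session['user'])

    edited_user = User.get_by_id(user_id)
    if not edited_user:
        flash('User not found', 'danger')
        return redirect(url_for('manage_users'))

    if request.method == 'POST':
        password = request.form.get('password', None)
        display = request.form.get('display', None)
        # Only permissions known to the server are accepted; a field counts only when its value equals
        # the permission's own flag.
        permissions = [permission for permission in UserPermission.PERMISSIONS
                       if request.form.get(permission.name, None) == str(permission.flag)]

        # An empty password field means "keep the current password".
        if password:
            if password != request.form.get('password2', None):
                flash('Passwords mismatch', 'warning')
                return redirect(url_for('edit_user', user_id=user_id))
            # The password must be set on the loaded user object; the original called it on the
            # ``edit_user`` view function itself, which has no such method.
            edited_user.set_password(password)

        # NOTE(review): ``display`` is None when the field is absent from the form - confirm that the
        # model accepts it.
        edited_user.display = display
        edited_user.set_permissions(permissions)

        commit()

        flash('User updated successfully', 'success')
        return redirect(url_for('manage_users'))

    return render_template('edit_user.html', user=user, edited_user=edited_user,
                           permissions=UserPermission.PERMISSIONS)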
Esempio n. 6
def main():
    """
    Initialize the database and create the first user.

    The tables are (re)created and a user holding every permission in ``UserPermission.PERMISSIONS`` is
    added. When no password is given in the parsed arguments it is read interactively with ``getpass``.
    """
    options = _parse_args()

    username = options.user
    # Falling back to getpass() keeps the password out of the command line when it is not passed there.
    secret = options.password or getpass()

    print 'Initializing DB...'
    if options.drop:
        # Destructive: every existing table is removed before being created again.
        print >> stderr, 'WARNING: All information is being dropped.'
        Base.metadata.drop_all(bind=engine)
    Base.metadata.create_all(bind=engine)

    with app.app_context():
        initial_user = User.new_user(username, secret, UserPermission.PERMISSIONS)
        initial_user.add()
        commit()
    print 'Done!'
Esempio n. 7
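def register_user():
    """
    Register a new user account.

    * If this page was requested with a GET method, the new user registration form will be shown.
    * If this page was requested with a POST method, a registration form is processed.

      * When the username or password is empty, or the two passwords differ, the client is redirected
        back to this page with a message.
      * Otherwise the user is created and the registration form is returned with the outcome.

    :return: The registration form, or a redirect back to it.
    :rtype: flask.Response
    """
    user = User.get_by_id(session['user'])

    if request.method == 'POST':
        username = request.form.get('username', None)
        password = request.form.get('password', None)
        password2 = request.form.get('password2', None)

        if not username:
            flash('Username cannot be empty', 'danger')
            return redirect(url_for('register_user'))
        if not password:
            flash('Password cannot be empty', 'warning')
            return redirect(url_for('register_user'))
        if password != password2:
            flash('Passwords do not match', 'warning')
            return redirect(url_for('register_user'))

        display = request.form.get('display', None)
        # Only permissions known to the server are accepted; a field counts only when its value equals
        # the permission's own flag.
        permissions = [permission for permission in UserPermission.PERMISSIONS
                       if request.form.get(permission.name, None) == str(permission.flag)]

        try:
            User.new_user(username, password, permissions, display).add()
            commit()
        except Exception:
            # ``Exception`` rather than a bare ``except`` so KeyboardInterrupt and SystemExit are not
            # swallowed.
            # NOTE(review): the failed transaction is not rolled back here - confirm that it is cleaned
            # up elsewhere.
            flash('Unable to register %s' % username, 'danger')
        else:
            flash('User %s successfully created!' % username, 'success')

    return render_template('register.html', user=user, permissions=UserPermission.PERMISSIONS)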
Esempio n. 8
def list_other_boards(many):
    """
    List the boards of all users.

    The query is not restricted to the session user, and the template is rendered with ``root=True``.
    No permission check is visible in this function; presumably the route enforces one - verify.

    :param many: ``True`` iff multiple boards can be selected.
    :type many: bool
    :return: A list of boards.
    :rtype: flask.Response
    """
    every_board = DBBoard.query().all()
    current_user = User.get_by_id(session['user'])
    context = dict(boards=every_board, many=many, root=True, user=current_user)
    return render_template('list_boards.html', **context)
Esempio n. 9
def main_page():
    """
    Render the webserver index page.

    A logged-in session passes its user to the template; otherwise the template receives ``user=None``.

    :return: The main page.
    :rtype: flask.Response
    """
    is_logged_in = session.get('logged_in', False)
    current_user = User.get_by_id(session['user']) if is_logged_in else None
    return render_template('main_page.html', user=current_user)
Esempio n. 10
def list_boards(many):
    """
    List the boards owned by the session user.

    The query is filtered by the user stored in the session, and the template is rendered with
    ``root=False``.

    :param many: ``True`` iff multiple boards can be selected.
    :type many: bool
    :return: A list of the user's boards.
    :rtype: flask.Response
    """
    owner = User.get_by_id(session["user"])
    own_boards = DBBoard.query().filter_by(user=owner).all()
    context = dict(boards=own_boards, many=many, root=False, user=owner)
    return render_template("list_boards.html", **context)
Esempio n. 11
def view_many_boards(board_ids, solution, mode, root):
    """
    View many boards.

    Unless ``root`` is set, the query is restricted to boards owned by the session user, so IDs belonging
    to other users are silently left out of the result.

    :param board_ids: The IDs of the requested boards.
    :param solution: Passed to the templates as ``is_solution``; also selects the PDF file name.
    :param mode: One of ``INSITE_BOARD_VIEW``, ``PRINT_BOARD_VIEW`` or ``PDF_BOARD_VIEW``.
    :param root: When true, the ownership filter is skipped.
    :return: The rendered view, or a redirect to the main page for an unknown mode.
    :rtype: flask.Response
    """
    current_user = User.get_by_id(session['user'])

    selection = DBBoard.query().filter(DBBoard.id.in_(board_ids))
    if not root:
        # Ownership filter: a regular user only ever sees their own boards.
        selection = selection.filter_by(user=current_user)
    found = selection.all()

    if mode == INSITE_BOARD_VIEW:
        return render_template('view_board.html', many=True, boards=found, board_ids=board_ids,
                               is_solution=solution, root=root, user=current_user)

    # The print and PDF templates take the same context.
    export_context = dict(multi_board=True, boards=found, is_solution=solution)

    if mode == PRINT_BOARD_VIEW:
        return render_template('print_board.html', **export_context)

    if mode == PDF_BOARD_VIEW:
        if solution:
            pdf_name = 'solution.pdf'
        else:
            pdf_name = 'board.pdf'
        return render_pdf_template('pdf_board.tex', pdf_name, **export_context)

    flash('Invalid mode', 'warning')
    return redirect(url_for('main_page'))
Esempio n. 12
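def create_board():
    """
    Create a new board or some new boards.

    * If this page is requested with a GET method, the board generation form is returned.
    * If this page is requested with a POST method, a board generation form is processed, and new board/s is/are
        generated. Later a board generation form is returned, with a message that new boards were generated, with a
        link to the newly generated board/s.

    The requested number of boards must be between 1 and a fixed per-request maximum; anything else is
    reported as invalid request data.

    :return: As explained above.
    :rtype: flask.Response
    """
    # Every board costs one generate() call, so the client-supplied count must be bounded.
    # Constructed default - tune it to what the deployment can afford per request.
    max_boards_per_request = 100

    just_created = False
    user = User.get_by_id(session["user"])

    if request.method == "POST":
        try:
            board_type = request.form["type"]
            # NOTE(review): width and height also come from the form; confirm that the
            # BOARD_TO_DIMENSION handlers bound them.
            width, height = BOARD_TO_DIMENSION[board_type](request.form)
            count = int(request.form["count"])
            if not 1 <= count <= max_boards_per_request:
                raise ValueError("board count out of range: %d" % count)

            boards = [DBBoard.create_board(user, generate(width, height)) for _ in xrange(count)]
            commit()

            board_ids = [board.id for board in boards]
            session["last_boards"] = board_ids

            if len(board_ids) == 1:
                flash("Created one board", "success")
            else:
                flash("Created %d boards" % len(board_ids), "success")
            just_created = True
        except (KeyError, ValueError):
            flash("Invalid request data", "danger")
        except Exception:
            # ``Exception`` rather than a bare ``except`` so KeyboardInterrupt and SystemExit propagate.
            flash("Internal server error", "danger")
    return render_template("create_board.html", just_created=just_created, user=user)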
Esempio n. 13
def view_one_board(board_id, solution, mode, root):
    """
    View a single board.

    A board that does not exist and a board owned by someone else (when ``root`` is not set) get the same
    "Board not found" answer, so the response does not reveal which board IDs exist.

    :param board_id: The ID of the requested board.
    :param solution: Passed to the templates as ``is_solution``; also selects the PDF file name.
    :param mode: One of ``INSITE_BOARD_VIEW``, ``PRINT_BOARD_VIEW`` or ``PDF_BOARD_VIEW``.
    :param root: When true, the ownership check is skipped.
    :return: The rendered view, or a redirect to the main page.
    :rtype: flask.Response
    """
    current_user = User.get_by_id(session['user'])
    board = DBBoard.get_by_id(board_id)

    missing = board is None
    if missing or (board.user != current_user and not root):
        flash('Board not found', 'warning')
        return redirect(url_for('main_page'))

    if mode == INSITE_BOARD_VIEW:
        return render_template('view_board.html', many=False, board=board, board_id=board_id,
                               is_solution=solution, root=root, user=current_user)

    # The print and PDF templates take the same context.
    export_context = dict(multi_board=False, board=board, board_id=board_id, is_solution=solution)

    if mode == PRINT_BOARD_VIEW:
        return render_template('print_board.html', **export_context)

    if mode == PDF_BOARD_VIEW:
        if solution:
            pdf_name = 'solution.pdf'
        else:
            pdf_name = 'board.pdf'
        return render_pdf_template('pdf_board.tex', pdf_name, **export_context)

    flash('Invalid mode', 'warning')
    return redirect(url_for('main_page'))