예제 #1
 def decorated_view(*args, **kwargs):
     """Call the wrapped view only for a logged-in user whose role is accepted.

     ``role`` and ``fn`` are taken from the enclosing scope (not shown here).
     A user passes when the required role is "ANY", when their own role
     equals the required one, or when their role is 'SUPER'.
     """
     # Reject anonymous callers before any role attribute is read.
     if not current_user.is_authenticated:
         return login_manager.unauthorized()

     user_role = current_user.role
     role_accepted = (
         user_role == role or role == "ANY" or user_role == 'SUPER'
     )
     if not role_accepted:
         # NOTE(review): a role mismatch gets the same response as a missing
         # login; a dedicated 403 would let clients and logs tell the two
         # cases apart.
         return login_manager.unauthorized()

     return fn(*args, **kwargs)
예제 #2
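 def decorated_view(*args, **kwargs):
     """Call the wrapped view only for a logged-in user of the required type.

     ``role`` and ``fn`` are taken from the enclosing scope (not shown here).
     The required value is compared with ``current_user.type``; "ANY" accepts
     every authenticated user.
     """
     # The leftover debug print of the authentication state was removed: it
     # wrote to stdout on every request that passed through this decorator.
     if not current_user.is_authenticated:
         return login_manager.unauthorized()
     if (current_user.type != role) and (role != "ANY"):
         return login_manager.unauthorized()
     return fn(*args, **kwargs)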
예제 #3
        def decorated_view(*args, **kwargs):
            """Call the wrapped view for an authenticated user with an accepted role.

            ``role`` and ``fn`` are taken from the enclosing scope (not shown
            here). The user's role is read through ``current_user.get_urole()``;
            "ANY" accepts every authenticated user and "Admin" passes any
            requirement.
            """
            if not current_user.is_authenticated:
                return login_manager.unauthorized()

            user_role = current_user.get_urole()
            role_mismatch = (user_role != role) and (role != "ANY")
            # "Admin" overrides a mismatch; everyone else is turned away.
            if role_mismatch and user_role != "Admin":
                return login_manager.unauthorized()

            return fn(*args, **kwargs)
예제 #4
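def root_flag() -> Response:
    """Check a submitted flag against a practice and record the solve.

    Expects a JSON body holding ``flag`` and ``id``. Responds with 400 when
    ``_chk_input`` rejects the body, with 404 when the flag or the practice
    is unknown or the flag belongs to another practice, and with 200 and
    ``ok: True`` otherwise. Unauthenticated callers get
    ``login_manager.unauthorized()``.
    """
    if not current_user.is_authenticated:
        return login_manager.unauthorized()

    response: dict = {"ok": False, "result": ""}
    # NOTE(review): reads the login session keys directly; presumably this
    # matches current_user.get_id() -- confirm.
    uid: str = session.get("_user_id") or session.get("user_id")

    input_data: dict = request.json or dict()

    if not _chk_input(input_data):
        response["result"] = "Parameters missing!"
        return make_response(jsonify(response), 400)
    post_flag, post_id = input_data["flag"], input_data["id"]

    flag: Flag = Flag.query.filter_by(flag=post_flag).first()
    practice: Practice = Practice.query.filter_by(id=post_id).first()

    # An unknown practice id used to raise AttributeError on ``practice.uuid``
    # (a 500); it now gets the same answer as a wrong flag, so the response
    # does not reveal which of the two values was wrong.
    if (
        flag is None
        or practice is None
        or practice.uuid != flag.docker.practice.uuid
    ):
        response["result"] = "Failed! Wrong flag submitted!"
        return make_response(jsonify(response), 404)

    response["ok"] = True
    if not Complete.is_solved(uid, practice.uuid):
        response["result"] = "Success!"
        Complete.add(uid, practice.uuid)
    else:
        response["result"] = "You had submitted the answer!"
    response["time"] = int(time.time())

    return make_response(jsonify(response))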
예제 #5
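def listing_details(listing_name, owner_id):
    """Show a listing with its bids and handle bid creation and bid updates.

    GET renders ``listing.html``. POST requires an authenticated user and
    either updates the caller's existing bid (when ``bidder_id`` is in the
    form) or creates a new bid from ``BidForm``. Both POST paths redirect
    back to this page. A listing marked unavailable redirects to ``index``.
    """
    import math

    # Fetched once and reused for both the availability check and the render.
    # NOTE(review): if get_listing can return None for an unknown listing,
    # the attribute access below fails -- confirm and handle.
    listing = listing_model.get_listing(listing_name, owner_id)
    if listing.is_available == 'false':
        flash("That listing is out for loan and not available for bidding", "error")
        return redirect(url_for('index'))
    form = BidForm()
    bids = bid_model.get_bids_under_listing(listing_name, owner_id)
    owner = user_model.get_user_by_id(owner_id)

    if request.method == 'POST':
        if not current_user.is_authenticated:  # only logged-in users may post
            return login_manager.unauthorized()
        if 'bidder_id' in request.form:  # update bid
            # NOTE(review): this branch does not pass through
            # form.validate_on_submit(), so the form's CSRF token is not
            # checked here unless app-wide CSRF protection is enabled.
            try:
                bidder_id = int(request.form.get('bidder_id', ''))
                new_price = float(request.form.get('bid_price', ''))
            except (TypeError, ValueError):
                bidder_id = new_price = None

            bid_to_update = None
            # The bidder id comes from the client, so it must name the
            # logged-in user: a user may only change their own bid. Compared
            # as strings in case the user model stores its id as text.
            if (
                bidder_id is not None
                and math.isfinite(new_price)
                and str(bidder_id) == str(current_user.id)
            ):
                bid_to_update = next(
                    (bid for bid in bids if bid.bidder_id == bidder_id), None
                )

            if bid_to_update is not None and bid_to_update.update_bid(price=new_price):
                flash("Updated your bid successfully", "success")
            else:
                flash("Updated failed", "error")

        elif form.validate_on_submit():  # create new bid
            new_bid = bid_model.Bid(current_user.id, listing_name, owner_id, datetime.now(), form.price.data)
            if new_bid.create_bid():
                flash("Your bid has been placed", "success")
            else:
                flash("Placing of bid has failed", "error")

        return redirect(url_for('listing_details', listing_name=listing_name, owner_id=owner_id))
    return render_template('listing.html', listing=listing, bids_under_this_listing=bids, owner=owner, form=form)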
예제 #6
        def decorated_view(*args, **kwargs):
            """Call the wrapped view for an authenticated user holding ``role``.

            ``role`` and ``fn`` are taken from the enclosing scope (not shown
            here). ``Roles.DEFAULT`` accepts every authenticated user; any
            other value must appear in ``current_user.roles()``.
            """
            # NOTE(review): is_authenticated is called as a method here, which
            # matches Flask-Login releases before 0.3; later releases expose it
            # as a property -- confirm the pinned version.
            if not current_user.is_authenticated():
                return login_manager.unauthorized()

            if role != Roles.DEFAULT and not any(
                held_role == role for held_role in current_user.roles()
            ):
                return login_manager.unauthorized()

            return fn(*args, **kwargs)
예제 #7
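def show_user(user_id):
    """Render a user's profile for that user or for an administrator.

    Everyone else gets ``login_manager.unauthorized()``. When no user has the
    given id, administrators see the page titled 'No such user'; other
    callers get the same unauthorized response as for an existing foreign
    profile, so the answer does not reveal which ids exist.
    """
    user = User.query.get(user_id)
    title = u'No such user' if user is None else user.nickname

    # ``user`` may be None: the original read ``user.id`` unconditionally and
    # raised AttributeError (a 500) for unknown ids.
    # NOTE(review): current_user.id is read without an authentication check;
    # presumably a login_required decorator guards this view -- confirm.
    is_own_profile = user is not None and current_user.id == user.id
    if not is_own_profile and not current_user.is_admin():
        return login_manager.unauthorized()

    return render_template('users/user.html', title=title, user=user)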
예제 #8
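def loan_details(listing_name, owner_id):
    """Show the current loan of a listing to its owner, or end it on POST.

    Unauthenticated callers get ``login_manager.unauthorized()``. Callers who
    are not the owner are redirected to ``index``. POST deletes the loan and
    redirects to ``index``; GET renders ``loan.html``.
    """
    # Authentication is checked first. The original compared current_user.id
    # before this check, so the check inside the POST branch could only be
    # reached by a caller that had already passed the ownership test.
    if not current_user.is_authenticated:
        return login_manager.unauthorized()
    # NOTE(review): assumes owner_id arrives with the same type as
    # current_user.id (e.g. an int route converter) -- confirm, otherwise the
    # comparison never matches.
    if current_user.id != owner_id:
        flash("You are not the owner of that listing", "error")
        return redirect(url_for('index'))
    if request.method == 'POST':
        # NOTE(review): state-changing request; no CSRF token check is visible
        # in this function -- confirm it is enforced app-wide.
        loan_model.delete_loan_of_listing(listing_name, owner_id)
        flash("Loan returned", "success")
        return redirect(url_for('index'))
    # May be None when the listing has no loan; the template has to cope.
    current_loan = loan_model.get_loan_of_listing(listing_name, owner_id)
    return render_template('loan.html', loan=current_loan)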
예제 #9
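def login():
    """Authenticate a journalist by email and password.

    On success the user is logged in and redirected to their ``user`` page.
    On failure the attempt is logged and ``login_manager.unauthorized()`` is
    returned. Without a valid submission the login form is rendered.
    """
    # NOTE(review): CSRF protection is switched off for this form, which
    # leaves the login request open to cross-site submission; confirm this is
    # intended.
    form = LoginForm(meta={'csrf': False})
    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    email = form.email.data
    # %r with lazy logger arguments escapes control characters, so a
    # submitted value containing line breaks cannot forge extra log lines.
    app.logger.info('try to find user by email %r', email)
    user = Journalist.query.filter_by(email=email).first()
    # NOTE(review): the password check is skipped for unknown emails, so
    # response time may differ between known and unknown accounts.
    if user and user.check_password(form.password.data):
        login_user(user, remember=form.remember.data)
        app.logger.info(
            'user %r %r successfully logged in', user.name, user.surname)
        return redirect(url_for('user', username=user.name))

    # The original message was a broken f-string that named no account;
    # failed attempts are now logged with the submitted email at warning level.
    app.logger.warning('failed login attempt for email %r', email)
    return login_manager.unauthorized()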
예제 #10
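def root_choose() -> Response:
    """Check a multiple-choice answer for a practice and record the solve.

    Expects a JSON body holding ``id`` and ``choose`` (a list of option ids).
    Responds with 400 when ``_chk_input`` rejects the body or ``choose`` is
    not a list of integers, with 404 when the practice or its choice set is
    missing, and with 200 otherwise. Unauthenticated callers get
    ``login_manager.unauthorized()``.
    """
    if not current_user.is_authenticated:
        return login_manager.unauthorized()

    response: dict = {
        "ok": False,
        "result": "Check your parameters and try again!"
    }
    # NOTE(review): reads the login session keys directly; presumably this
    # matches current_user.get_id() -- confirm.
    uid: str = session.get("_user_id") or session.get("user_id")

    input_data: dict = request.json or dict()

    if not _chk_input(input_data):
        response["result"] = "Parameters missing!"
        return make_response(jsonify(response), 400)
    input_id: str = input_data["id"]
    submitted_ids: List[int] = input_data.get("choose")

    # ``choose`` is client-controlled: a missing key, a non-list value or
    # mixed element types used to raise inside ``sort()`` (a 500). bool is
    # excluded because True == 1 would otherwise match option id 1.
    if not isinstance(submitted_ids, list) or not all(
        isinstance(item, int) and not isinstance(item, bool)
        for item in submitted_ids
    ):
        return make_response(jsonify(response), 400)

    practice: Practice = Practice.query.filter_by(id=input_id).first_or_404()
    choose: Choose = practice.choose.first_or_404()

    # Both sides are sorted: the query has no ORDER BY, so the order of the
    # correct ids is not guaranteed.
    correct_ids: List[int] = sorted(
        option.id for option in choose.option.filter_by(is_ans=True).all()
    )

    if correct_ids == sorted(submitted_ids):
        response["ok"] = True
        if not Complete.is_solved(uid, practice.uuid):
            response["result"] = "Success! You had submitted the correct answer!"
            Complete.add(uid, practice.uuid)
        else:
            response["result"] = "You had submitted the answer!"
    else:
        response["ok"] = False
        response["result"] = "Wrong choice, check the choice and try again!"
    response["time"] = int(time.time())

    return make_response(jsonify(response))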
예제 #11
 def decorated_view(*args, **kwargs):
     """Call the wrapped view for an authenticated user with enough access.

     ``level`` and ``fn`` are taken from the enclosing scope (not shown here).
     The user passes when ``current_user.access_level`` is not below
     ``level``.
     """
     # Short-circuit keeps access_level unread for anonymous callers.
     too_low = (
         not current_user.is_authenticated
         or current_user.access_level < level
     )
     if too_low:
         return login_manager.unauthorized()
     return fn(*args, **kwargs)
예제 #12
 def decorated_view(*args, **kwargs):
     """Call the wrapped view for an authenticated user of the required type.

     ``user_type`` and ``fn`` are taken from the enclosing scope (not shown
     here). A required type of 0 accepts every authenticated user.
     """
     # NOTE(review): is_authenticated is called as a method here, which
     # matches Flask-Login releases before 0.3; later releases expose it as a
     # property -- confirm the pinned version.
     if not current_user.is_authenticated():
         return login_manager.unauthorized()

     type_differs = current_user.user_type != user_type
     if type_differs and user_type != 0:
         return login_manager.unauthorized()

     return fn(*args, **kwargs)
예제 #13
def logout():
    """Log the current user out and redirect to the index page."""
    # Printed before logout_user() so the message still names the user.
    print('пользователь', current_user, 'вышел из сети')
    logout_user()
    # NOTE(review): the return value is discarded, so only the side effects
    # of unauthorized() remain; depending on configuration it may flash the
    # login message or abort with 401 before the redirect below is reached --
    # confirm this call is intended.
    login_manager.unauthorized()
    index_url = url_for('index')
    return redirect(index_url)