def show_stats():
    """Render the statistics page for administrators.

    Visitors who are not logged in, or whose session user is not an admin,
    are redirected to the "home" endpoint before any statistics are loaded.
    """
    # Login is tested first, so flask.session['username'] is only read once
    # check_login() has succeeded.
    if not auth_utils.check_login():
        return flask.redirect(flask.url_for("home"))
    if not auth_utils.check_admin(flask.session['username']):
        return flask.redirect(flask.url_for("home"))

    # NOTE(review): raw_data reaches the template as a JSON string. If
    # stats.html places it inside a <script> block or marks it safe, confirm
    # it is escaped for that context -- json.dumps() does not escape "</".
    serialized = json.dumps(helpers.get_current_stats())
    return flask.render_template("stats.html", raw_data=serialized)
def view_application(user_id):
    """Show one applicant's application and status to an administrator.

    Args:
        user_id: Identifier of the applicant to display; passed unchanged to
            helpers.get_application() and helpers.get_status().

    Returns:
        The rendered "view_application.html" page, or a redirect to "home"
        when the visitor is not logged in or is not an admin.
    """
    # Two guard clauses keep the session lookup behind the login check.
    if not auth_utils.check_login():
        return flask.redirect(flask.url_for("home"))
    if not auth_utils.check_admin(flask.session['username']):
        return flask.redirect(flask.url_for("home"))

    application = helpers.get_application(user_id)
    current_status = helpers.get_status(user_id)
    return flask.render_template(
        "view_application.html", info=application, status=current_status)
def update_status(user_id):
    """Store a new application status for ``user_id`` (administrators only).

    The new status and reimbursement amount are read from the submitted form
    and recorded together with the id of the admin making the change.

    Args:
        user_id: Identifier of the applicant whose status is changed.

    Returns:
        A redirect to "judging.judge" after the update, or to "home" when the
        visitor is not logged in or is not an admin.
    """
    if not auth_utils.check_login():
        return flask.redirect(flask.url_for("home"))
    if not auth_utils.check_admin(flask.session['username']):
        return flask.redirect(flask.url_for("home"))

    # form.get() yields None for a missing field; both values are handed to
    # the helper as submitted, with no validation at this layer.
    # NOTE(review): this view changes state -- confirm the route is limited
    # to POST and covered by CSRF protection (the route decorator is not
    # visible here).
    form = flask.request.form
    new_status = form.get('new_status')
    reimbursement = form.get('reimbursement_amount')
    reviewer_id = app_helpers.get_user_id(flask.session['username'])
    helpers.update_status(user_id, new_status, reimbursement, reviewer_id)

    flask.flash('Status has been updated')
    return flask.redirect(flask.url_for('judging.judge'))
def update_waiver_status(waiver_type, user_id):
    """Store a new waiver status for ``user_id`` (administrators only).

    Args:
        waiver_type: Kind of waiver being updated; passed unchanged to
            helpers.update_waiver_status().
        user_id: Identifier of the user whose waiver status is changed.

    Returns:
        A redirect to this blueprint's "view_caltech_waiver" page for the
        same user, or to "home" when the visitor is not logged in or is not
        an admin.
    """
    if not auth_utils.check_login():
        return flask.redirect(flask.url_for("home"))
    if not auth_utils.check_admin(flask.session['username']):
        return flask.redirect(flask.url_for("home"))

    # NOTE(review): waiver_type and the submitted status go to the helper
    # unvalidated -- confirm the helper restricts waiver_type to the known
    # kinds, and that this route is POST-only with CSRF protection.
    submitted_status = flask.request.form.get('new_status')
    reviewer_id = auth_utils.get_user_id(flask.session['username'])
    helpers.update_waiver_status(
        user_id, submitted_status, reviewer_id, waiver_type)

    flask.flash('Status has been updated')
    # The redirect target is the same view whatever waiver_type was updated.
    target = flask.url_for('.view_caltech_waiver', user_id=user_id)
    return flask.redirect(target)
def view_caltech_waiver(user_id):
    """Show a user's Caltech waiver and medical info to an administrator.

    Args:
        user_id: Identifier of the user whose waivers are displayed.

    Returns:
        The rendered "view_caltech_waiver.html" page, or a redirect to
        "home" when the visitor is not logged in or is not an admin.
    """
    if not auth_utils.check_login():
        return flask.redirect(flask.url_for("home"))
    if not auth_utils.check_admin(flask.session['username']):
        return flask.redirect(flask.url_for("home"))

    # Both waiver records are merged into one mapping for the template;
    # on a key collision the "medical_info" value replaces the
    # "caltech_waiver" one (dict.update semantics -- assumes the helpers
    # return dicts, TODO confirm).
    info = helpers.get_waiver(user_id, "caltech_waiver")
    medical_info = helpers.get_waiver(user_id, "medical_info")
    info.update(medical_info)
    info['user_id'] = user_id

    status = helpers.get_waiver_status(user_id, "caltech_waiver")
    medical_status = helpers.get_waiver_status(user_id, "medical_info")
    status.update(medical_status)

    return flask.render_template(
        "view_caltech_waiver.html", info=info, status=status)
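def serve_resume_book():
    """Build the resume book for the selected groups and redirect to it.

    Administrators only. The "groups" form field lists the groups to
    include; when none are submitted the visitor is sent back to the judging
    page instead of generating a book.

    Returns:
        A redirect to the generated "hacktech_resume_book.pdf" download, to
        "judging.judge" when no groups were selected, or to "home" when the
        visitor is not logged in or is not an admin.
    """
    if not auth_utils.check_login() or not auth_utils.check_admin(
            flask.session['username']):
        return flask.redirect(flask.url_for("home"))

    # getlist() always returns a list (empty when the field is absent) and
    # its second positional parameter is a type converter, not a default.
    # The previous `fields == None` test therefore never fired and an empty
    # selection went straight to the generator.
    fields = flask.request.form.getlist("groups")
    if not fields:
        return flask.redirect(flask.url_for("judging.judge"))

    # NOTE(review): the group names come from the request; confirm
    # generate_resume_book() checks them against the known groups before
    # using them in queries or file paths.
    helpers.generate_resume_book(fields)
    return flask.redirect(
        flask.url_for("judging.uploaded_file",
                      filename="hacktech_resume_book.pdf"))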
def uploaded_file(filename):
    """Serve a file from the resume upload directory.

    A logged-in user may fetch only the file whose name matches their own
    resume record; administrators may fetch any file in the directory.

    Args:
        filename: Name of the requested file inside the RESUMES directory.

    Returns:
        The file response, or a redirect to "home" when the visitor is not
        logged in or is neither the owner nor an admin.
    """
    if not auth_utils.check_login():
        return flask.redirect(flask.url_for("home"))

    session_user = flask.session['username']
    own_resume = app_helpers.check_resume_exists(
        app_helpers.get_user_id(session_user))

    # The admin lookup only runs when the name does not match the caller's
    # own resume.
    not_owner = own_resume != filename
    if not_owner and not auth_utils.check_admin(session_user):
        return flask.redirect(flask.url_for("home"))

    resume_dir = os.path.join(flask.current_app.root_path,
                              flask.current_app.config['RESUMES'])
    # send_from_directory() rejects names that resolve outside resume_dir.
    # NOTE(review): as_attachment=False serves the upload inline from the
    # application's origin -- confirm uploads are restricted to a safe type
    # (e.g. PDF) so an uploaded HTML file cannot run script in that origin.
    return flask.send_from_directory(resume_dir, filename, as_attachment=False)
def uploaded_waiver_file(filename, waiver_type):
    """Serve an uploaded waiver or medical file.

    A logged-in user may fetch only the file matching their own waiver
    record for ``waiver_type``; administrators may fetch any file.

    TODO (from the original author): merge this view with the sibling
    file-serving view.

    Args:
        filename: Name of the requested file.
        waiver_type: "caltech_waiver" selects the WAIVERS directory; every
            other value selects the MEDICAL directory.

    Returns:
        The file response, or a redirect to "home" when access is refused.
    """
    if not auth_utils.check_login():
        return flask.redirect(flask.url_for("home"))

    session_user = flask.session['username']
    own_waiver = helpers.get_waiver(
        auth_utils.get_user_id(session_user), waiver_type)

    # NOTE(review): view_caltech_waiver treats helpers.get_waiver()'s result
    # as a mapping. If this is the same helper, the comparison with a
    # filename string is never equal and only admins pass this check --
    # confirm which value should be compared.
    not_owner = own_waiver != filename
    if not_owner and not auth_utils.check_admin(session_user):
        return flask.redirect(flask.url_for("home"))

    # NOTE(review): an unrecognised waiver_type falls through to the MEDICAL
    # directory rather than being rejected -- consider an explicit allow-list
    # so a typo or crafted value cannot select the more sensitive folder.
    if waiver_type == "caltech_waiver":
        folder_path = "WAIVERS"
    else:
        folder_path = "MEDICAL"

    base_dir = os.path.join(flask.current_app.root_path,
                            flask.current_app.config[folder_path])
    # send_from_directory() rejects names that resolve outside base_dir.
    return flask.send_from_directory(base_dir, filename, as_attachment=False)
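def judge():
    """Render one page of application links for administrators.

    Query parameters:
        page: Zero-based page index (defaults to 0).

    The page size is read from the session key 'page_size' (default 100)
    and written back as an int.

    Returns:
        The rendered "judge.html" page, or a redirect to "home" when the
        visitor is not logged in or is not an admin.
    """
    # Authorise before touching request or session data, so an anonymous
    # request with a malformed ?page= is redirected instead of raising.
    if not auth_utils.check_login() or not auth_utils.check_admin(
            flask.session['username']):
        return flask.redirect(flask.url_for("home"))

    # type=int makes a non-numeric value fall back to the default; a
    # negative index would otherwise slice from the end of the list.
    curpage = max(flask.request.args.get('page', 0, type=int), 0)

    # An empty, missing, non-numeric or non-positive stored size falls back
    # to 100 (a size of 0 would divide by zero below).
    try:
        page_size = int(flask.session.get('page_size', 100))
    except (TypeError, ValueError):
        page_size = 100
    if page_size <= 0:
        page_size = 100
    flask.session['page_size'] = page_size

    info = helpers.get_all_application_links()
    # Ceiling division: the earlier int(len / size) + 1 reported an extra,
    # empty page whenever the count was an exact multiple of the page size.
    total_pages = max(1, -(-len(info) // page_size))
    start = curpage * page_size
    info = info[start:start + page_size]
    return flask.render_template("judge.html",
                                 info=info,
                                 page=curpage,
                                 total_pages=total_pages,
                                 page_size=page_size)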
def check_status(self_email, other_email):
    """Fetch ``other_email``'s status for the current application year.

    Args:
        self_email: Email of the user asking for the status.
        other_email: Email of the user whose status is wanted.

    Returns:
        "" when the requester is neither an admin nor the account owner;
        otherwise the row returned by cursor.fetchone() for the status
        query, which is None when no row matched. Callers need to tell the
        "" (refused) and None (no record) results apart.
    """
    # Only an admin, or the account owner, may see a status. The admin
    # lookup runs first and the email comparison only when it fails.
    # NOTE(review): the check is only as strong as self_email -- confirm
    # callers take it from the authenticated session, not from request data.
    permitted = auth_utils.check_admin(self_email) or self_email == other_email
    if not permitted:
        return ""

    # Values are bound as parameters, never interpolated into the SQL text.
    # NOTE(review): NATURAL JOIN matches on every shared column name, so a
    # schema change can silently alter which rows are returned.
    query = (
        " SELECT status, reimbursement_amt"
        " FROM users NATURAL JOIN status NATURAL JOIN applications"
        " WHERE email = %s AND application_year = %s "
    )
    params = [other_email, app_year.year + "0000"]
    with flask.g.pymysql_db.cursor() as cursor:
        cursor.execute(query, params)
        row = cursor.fetchone()
    # A missing row is reported as None.
    return None if row is None else row
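def login_submit():
    """Handle authentication.

    Reads 'username' and 'password' from the submitted form. On success the
    username is stored in the session, the session's 'admin' flag is set or
    cleared to match the account, the last-login time is updated, and the
    visitor is redirected to the stored 'next' target (or "home"). On
    failure an error is flashed and the visitor is sent back to the login
    page.
    """
    username = flask.request.form.get('username')
    password = flask.request.form.get('password')

    if username is not None and password is not None:
        user_id = helpers.authenticate(username, password)
        if user_id is not None:
            flask.session['username'] = username
            # Set or clear the flag explicitly: a session that already
            # carried admin=True must not keep it after a non-admin login.
            if auth_utils.check_admin(username):
                flask.session['admin'] = True
            else:
                flask.session.pop('admin', None)
            # Update last login time
            auth_utils.update_last_login(username)
            # Return to previous page if in session
            # NOTE(review): confirm the code that stores 'next' only ever
            # saves a same-site path; a value taken from a request parameter
            # would make this an open redirect.
            redirect_to = flask.session.pop('next', None)
            if redirect_to is not None:
                return flask.redirect(redirect_to)
            return flask.redirect(flask.url_for('home'))

    # One message for every failure, so the response does not reveal
    # whether the username exists.
    flask.flash('Incorrect username or password. Please try again!')
    return flask.redirect(flask.url_for('auth.login'))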
def test_check_admin(client):
    """check_admin() rejects a non-admin address and accepts an admin one.

    NOTE(review): both address literals below are the same masked
    placeholder, so as written the two assertions contradict each other.
    Restore two distinct fixture addresses (one non-admin, one admin)
    before relying on this test.
    """
    # `client` is not used in the body; presumably a fixture requested for
    # its setup -- TODO confirm.
    non_admin_email = "*****@*****.**"
    admin_email = '*****@*****.**'

    assert not auth_utils.check_admin(non_admin_email)
    assert auth_utils.check_admin(admin_email)