def api_team_unlock_problems_and_contests(teamID: int): """ 团队用户解锁团队题目和团队比赛和团队习题集 """ user: User = db.session.query(User).filter_by( id=session.get("uid", -1)).one_or_none() if not user: return make_response(-1, message="请登录") team: Team = db.session.query( Team.team_problems, Team.team_contests, Team.team_problemsets).filter_by(id=teamID).one_or_none() if not team: return make_response(-1, message="团队不存在") if not db.session.query(TeamMember).filter_by(uid=session.get("uid"), team_id=teamID).count(): return make_response(-1, message="你不是团队成员") permissions = set( (f"problem.use.{id}" for id in team.team_problems)) | set( (f"contest.use.{id}" for id in team.team_contests)) | set( f"problemset.use.{id}" for id in team.team_problemsets) user.permissions = [ item for item in user.permissions if item not in permissions ] + list(permissions) db.session.commit() permission_manager.refresh_user(user.id) return make_response(0, message="操作完成")
def admin_add_user_permission(uid: int, permission: str): """ 给用户添加个人权限 """ user: User = db.session.query(User).filter(User.id == uid).one() current_permissions = user.permissions user.permissions = [*current_permissions, permission] db.session.commit() permission_manager.refresh_user(user.id) return make_json_response(0, message="保存成功")
def admin_remove_user_permission(uid: int, index: int): """ 删除某用户的某条个人权限 """ user: User = db.session.query(User).filter(User.id == uid).one() current_permissions = user.permissions user.permissions = [ x for i, x in enumerate(current_permissions) if i != index ] db.session.commit() permission_manager.refresh_user(user.id) return make_json_response(0, message="删除成功")
def quit_team(): """ 退出团队并清空相应权限 参数 { "uid":"用户ID", "team_id":"团队ID" } 返回: { "code":0, "message":"" } """ if not session.get("uid"): return make_response(-1, message="请先登录") operator: User = User.by_id(session.get("uid")) user: User = User.by_id(request.form["uid"]) team: Team = Team.by_id(request.form["team_id"]) if user.id != operator.id and not permission_manager.has_permission( operator.id, "team.manage" ) and operator.id not in team.admins and operator.id != team.owner_id: return make_response(-1, message="你没有权限这样做") relation = db.session.query(TeamMember).filter_by( uid=user.id, team_id=team.id).one_or_none() if not relation: return make_response(-1, message="您不在此团队内") if user.id == team.owner_id: return make_response(-1, message="此用户不可被移出团队") # def remove_and_return(a, val): # a = a.copy() # a.remove(val) # return a # # print(team.members) # team.members = remove_and_return(team.members, user.id) # user.joined_teams = remove_and_return(user.joined_teams, team.id) # if user.id in team.admins: # team.admins = remove_and_return(team.admins, user.id) # print(team.members) db.session.delete(relation) db.session.commit() perms = set((f"contest.use.{item}" for item in team.team_contests)) | set( (f"problem.use.{item}" for item in team.team_problems)) | set( (f"problemset.use.{item}" for item in team.team_problemsets)) user.permissions = [item for item in user.permissions if item not in perms] db.session.commit() permission_manager.refresh_user(user.id) return make_response(0, message="操作完成")
def api_problemset_unlock_permissions(problemset: int): """ 用户解锁权限包 """ problemset_inst: ProblemSet = db.session.query( ProblemSet.problems, ProblemSet.private, ProblemSet.owner_uid).filter_by(id=problemset).one_or_none() if not problemset_inst: return make_response(-1, message="权限包不存在") if problemset_inst.private and int( session.get("uid", -1) ) != problemset_inst.owner_uid and not permission_manager.has_permission( int(session.get("uid")), f"problemset.use.{problemset}"): return make_response(-1, message="你没有权限使用该权限包") user: User = db.session.query(User).filter_by(id=session.get("uid")).one() to_add = {f"problem.use.{x}" for x in problemset_inst.problems} user.permissions = [x for x in user.permissions if x not in to_add ] + list(to_add) db.session.commit() permission_manager.refresh_user(session.get("uid")) return make_response(0, message="操作完成")