def serve_org_home(org):
    """Render the home page of the current organization with paged news.

    ``org`` is not read here; the organization is resolved through
    ``get_org_id()`` for both the news query and the organization row.
    """
    # Newest first; every article of the organization is loaded before paging.
    articles = (
        News.query
        .filter_by(oid=get_org_id())
        .order_by(News.time.desc())
        .all()
    )
    page, pages, news = paged_data(articles, NEWS_PER_PAGE)
    organization = Organizations.query.filter_by(id=get_org_id()).first()
    return render_template(
        "main/index.html",
        active="Home",
        page=page,
        pages=pages,
        news=news,
        organization=organization,
    )
def validate_attendance(form, field):
    """Validate a submitted attendance code for the current organization.

    The lookup is scoped to ``get_org_id()``, so a code issued by another
    organization is reported as invalid.

    Raises:
        ValidationError: if no matching code exists, the code has not started
            yet, the code has ended, or the signed-in user already has an
            attendance record for it.
    """
    org_id = get_org_id()
    submitted = field.data.strip()
    code = AttendanceCodes.query.filter_by(oid=org_id, code=submitted).first()

    if code is None:
        raise ValidationError("Invalid attendance code!")
    # NOTE(review): the messages below confirm that a guessed code exists;
    # whether submissions are rate-limited is not visible here.
    if code.start > get_time():
        raise ValidationError("This code is not yet active!")
    if code.end < get_time():
        raise ValidationError("This code has expired!")

    prior_uses = AttendanceRecords.query.filter_by(
        oid=get_org_id(), cid=code.id, uid=user.id).count()
    if prior_uses > 0:
        raise ValidationError("Attendance code already used!")
def serve_lesson_edit(org, id):
    """Show and process the edit form for one lesson of the current organization.

    The lesson is looked up by ``id`` within ``get_org_id()``, so a lesson of
    another organization yields the 404 page. Editing is allowed for lesson
    admins, and for users at or above the default lesson role who are authors
    of this lesson; everyone else gets a 403.
    """
    lesson = Lessons.query.filter_by(oid=get_org_id(), id=id).first()
    if not lesson:
        return error_page(404, "There is no lesson with the ID %d." % id)

    # NOTE(review): assumes user.organization_roles is never None here;
    # confirm what happens for a user without a role row in this organization.
    may_edit = (
        user.organization_roles.lessons >= LessonRoles.admin
        or (user.organization_roles.lessons >= LessonRoles.default
            and lesson.has_author(user.id))
    )
    if not may_edit:
        abort(403)

    form = LessonEditForm(lesson)
    if not form.validate_on_submit():
        flash_form_errors(form, "Changes were not saved!")
    elif lesson_edit(lesson, form):
        # lesson_edit returns True only when the lesson was deleted.
        flash("Successfully deleted lesson!", category="SUCCESS")
        return redirect("/organization/%s/admin/lessons/" % org, code=303)
    else:
        flash("Successfully updated lesson!", category="SUCCESS")

    return render_template(
        "adminpages/lesson-edit.html",
        sudo=True,
        active="lessons",
        lesson=lesson,
        form=form,
    )
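def lesson_edit(lesson, form):
    """Apply a validated lesson edit form to ``lesson`` and commit.

    Returns:
        True when the form requested deletion and the lesson was removed;
        None after an ordinary update.

    This function performs no access check on the lesson itself; only the
    author list is gated on the lesson admin role, so callers must authorize
    the edit first.
    """
    if form.delete.data:
        Lessons.remove(lesson)
        db_commit()
        return True

    lesson.desc = form.desc.data
    lesson.title = form.title.data
    lesson.body = form.body.data
    lesson.lid = form.lid.data

    if user.organization_roles.lessons >= LessonRoles.admin:
        # De-duplicate while keeping submission order: a repeated id in the
        # form would otherwise be inserted as a second author row.
        # NOTE(review): int() raises ValueError on a non-numeric token, and
        # the ids are not checked against this organization's members here;
        # confirm the form validator covers both.
        wanted = list(dict.fromkeys(
            int(token) for token in form.authors.data.split()))
        for lesson_author in LessonAuthors.query.filter_by(
                lid=lesson.id).all():
            if lesson_author.uid in wanted:
                # Already an author; nothing to insert for this id.
                wanted.remove(lesson_author.uid)
            else:
                LessonAuthors.remove(lesson_author)
        for new_author in wanted:
            LessonAuthors.add(lid=lesson.id, uid=new_author, oid=get_org_id())
    db_commit()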
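def validate_organization_join_code(form, field):
    """Validate a join code against the current organization's join code.

    Raises:
        ValidationError: if the organization cannot be found or does not allow
            joining by code, if no join code is configured, or if the
            submitted value does not match.
    """
    import hmac

    organization = Organizations.query.filter_by(id=get_org_id()).first()
    if organization is None or not organization.can_join_code:
        raise ValidationError(
            "This organization is not currently allowing Join By Code!")

    expected = organization.join_code
    supplied = field.data
    # An unset or blank stored code must never match a blank submission,
    # otherwise enabling join-by-code without a code lets anyone join.
    if not expected or not isinstance(expected, str):
        raise ValidationError("Invalid join code!")
    if not isinstance(supplied, str):
        raise ValidationError("Invalid join code!")
    # Compare as bytes in constant time; compare_digest rejects non-ASCII str.
    if not hmac.compare_digest(supplied.encode("utf-8"),
                               expected.encode("utf-8")):
        raise ValidationError("Invalid join code!")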
def serve_lesson_organization(org):
    """Render the lesson administration list for the current organization.

    Users whose lesson role is at or below the default role get a 403.
    ``org`` is not read here; scoping comes from ``get_org_id()``.
    """
    if user.organization_roles.lessons <= LessonRoles.default:
        abort(403)

    current = get_organization()
    by_title = (
        Lessons.query
        .filter_by(oid=get_org_id())
        .order_by(Lessons.title)
        .all()
    )
    return render_template(
        "adminpages/lessons.html",
        sudo=True,
        active="lessons",
        oid=current,
        lessons=by_title,
    )
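def serve_attendance(org):
    """Show the attendance form and record attendance on a valid submission.

    The template receives ``off=True`` when the current organization has no
    attendance codes at all.
    """
    form = AttendanceForm()
    if form.validate_on_submit():
        org_id = get_org_id()
        # Resolve the code inside the current organization. Matching on the
        # code text alone could pick up another organization's code with the
        # same text and store its id on this organization's record.
        code = AttendanceCodes.query.filter_by(
            oid=org_id, code=form.attendance_code.data.strip()).first()
        # NOTE(review): the "already used" check is presumably done by the
        # form validator before this insert; without a unique constraint on
        # (oid, cid, uid) two concurrent submissions could both be recorded.
        AttendanceRecords.add(cid=code.id, oid=org_id, uid=user.id,
                              time=get_time())
        db_commit()
        flash("Your attendance was confirmed!", category="SUCCESS")
    flash_form_errors(form)
    return render_template(
        "account/attendance.html",
        form=form,
        off=(AttendanceCodes.query.filter_by(oid=get_org_id()).count() == 0))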
def sudo_links():
    """Build the navigation entries for the admin pages.

    Each entry is a ``(url, label, sublinks)`` tuple. The first entry is the
    home link of the current organization (the organization with id 1 is
    linked at the site root) with the user's other organizations as sublinks.
    For a signed-in user the result of ``admin_sublinks()`` is appended.
    """
    co = Organizations.query.filter_by(id=get_org_id()).first()

    if co.id == 1:
        home_url, home_label = "/", "CSCenter Home"
    else:
        home_url = "/organization/%s" % co.oid
        home_label = "%s Home" % co.name

    other_orgs = []
    if user:
        # Organizations the user belongs to, excluding the current one.
        memberships = Organizations.query.join(OrganizationUsers).filter(
            OrganizationUsers.uid == user.id,
            Organizations.id == OrganizationUsers.oid,
            Organizations.id != co.id).all()
        for org in memberships:
            if org.id == 1:
                other_orgs.append(("/", "CSCenter Home"))
            else:
                other_orgs.append(
                    ("/organization/%s" % org.oid, org.name + " Home"))

    links = [
        (home_url, home_label, other_orgs),
        ("/admin/", "admin", []),
    ]
    if not user:
        # Not expected to happen: admin navigation requested while signed out.
        # NOTE(review): if logger is a stdlib logging.Logger, warn() is a
        # deprecated alias of warning().
        logger.warn("User got sudo_links without being signed in [???]")
        return links
    return links + admin_sublinks()
def news_sudo_create(form, oid):
    """Create a news article from ``form`` and optionally e-mail it.

    The article and its author rows are stored under ``get_org_id()``. When
    ``form.email.data`` is set, the rendered body is sent to the subscribed
    users of the current organization. No permission check is made here, so
    callers must authorize the request first.
    """
    # Looked up by the ``oid`` argument; only used for the e-mail subject.
    # NOTE(review): this is None when ``oid`` matches no organization, which
    # would fail in the e-mail branch after the article is already committed.
    org = Organizations.query.filter_by(oid=oid).first()

    article = News.add(
        oid=get_org_id(),
        nid=form.nid.data,
        title=form.title.data,
        body=form.body.data,
        time=get_time(),
    )
    db_commit()

    # NOTE(review): int() raises ValueError on a non-numeric token, after the
    # article itself has been committed above; confirm the form validates it.
    for token in form.authors.data.split():
        NewsAuthors.add(nid=article.id, uid=int(token), oid=get_org_id())

    if form.email.data:
        co = Organizations.query.filter_by(id=get_org_id()).first()
        rows = (
            db.session.query(Users.email)
            .join(OrganizationUsers)
            .filter(OrganizationUsers.oid == co.id,
                    Users.subscribed == True)  # noqa: E712 (SQL expression)
            .all()
        )
        recipients = [row[0] for row in rows]
        sender_name = "CS Center" if org.id == 1 else org.name
        subject = "%s Announcement - %s" % (sender_name, form.title.data)
        send_many(recipients, subject, md.render(form.body.data))
    db_commit()
def serve_news_sudo(org):
    """Render the news administration list for the current organization.

    Users whose news role is at or below the default role get a 403.
    ``org`` is not read here; scoping comes from ``get_org_id()``.
    """
    if user.organization_roles.news <= NewsRoles.default:
        abort(403)

    current = get_organization()
    newest_first = (
        News.query
        .filter_by(oid=get_org_id())
        .order_by(News.time.desc())
        .all()
    )
    return render_template(
        "adminpages/news.html",
        sudo=True,
        active="news",
        oid=current,
        news=newest_first,
    )
def serve_organization_landing(org):
    """Render the organization landing page and handle join-by-code.

    A valid ``OrganizationJoinByCodeForm`` submission adds the signed-in user
    to the current organization and commits.
    """
    form = OrganizationJoinByCodeForm()
    organization = Organizations.query.filter_by(id=get_org_id()).first()

    if form.validate_on_submit():
        # NOTE(review): membership is granted purely on form validation;
        # whether an existing member or a signed-out user is rejected
        # earlier is not visible here.
        organization.add_user(user)
        db_commit()
        flash("Joined %s!" % organization.name, category="SUCCESS")

    flash_form_errors(form)
    return render_template(
        "organizations/landing.html",
        active="Organizations",
        organization=organization,
        form=form,
    )
def links():
    """Build the main navigation entries for the current organization.

    Each entry is a ``(url, label, sublinks)`` tuple. The organization with
    id 1 is linked at the site root; other organizations get URLs under
    ``/organization/<oid>``. When ``admin_sublinks()`` returns anything, an
    "admin" entry is inserted right after the home entry.
    """
    co = Organizations.query.filter_by(id=get_org_id()).first()

    if co.id == 1:
        home_url, home_label = "/", "CSCenter Home"
    else:
        home_url = "/organization/%s" % co.oid
        home_label = "%s Home" % co.name

    other_orgs = []
    if user:
        # Organizations the user belongs to, excluding the current one.
        memberships = Organizations.query.join(OrganizationUsers).filter(
            OrganizationUsers.uid == user.id,
            Organizations.id == OrganizationUsers.oid,
            Organizations.id != co.id).all()
        for org in memberships:
            if org.id == 1:
                other_orgs.append(("/", "CSCenter Home"))
            else:
                other_orgs.append(
                    ("/organization/%s" % org.oid, org.name + " Home"))

    lessons_url = (
        "/lessons/" if co.id == 1 else "/organization/%s/lessons/" % co.oid)
    users_url = (
        "/users/" if co.id == 1 else "/organization/%s/users/" % co.oid)

    links = [
        (home_url, home_label, other_orgs),
        # ("/problems/", "Problems", []),
        (lessons_url, "Lessons", []),
        ("/calendar/", "Calendar", []),
        (users_url, "Users", []),
        ("/organizations/", "Organizations", []),
        # ("/editorials/", "Editorials", []),
        ("/about/", "About", [("/contact", "Contact"), ("/faq", "FAQ")]),
    ]

    sub = admin_sublinks()
    if sub:
        # Only the first two fields of each admin sublink are shown here.
        admin_children = [(url, label) for url, label, _ in sub]
        links.insert(1, ("/admin/", "admin", admin_children))
    return links
def serve_attendance_display(org):
    """Route an attendance admin to the display page for the current codes.

    Users whose attendance role is at or below the default role get a 403.
    With no current code a placeholder page is rendered, with exactly one the
    user is redirected to that code's display page, and with several a
    selection page is rendered.
    """
    if user.organization_roles.attendance <= AttendanceRoles.default:
        abort(403)

    codes = AttendanceCodes.current_objs(get_org_id())
    if len(codes) == 0:
        return render_template(
            "adminpages/attendance-display-no-codes.html",
            sudo=True,
            active="attendance",
        )
    if len(codes) == 1:
        only_code = codes[0]
        return redirect(
            "/organization/%s/admin/attendance/display/%s"
            % (org, only_code.id))
    return render_template(
        "adminpages/attendance-display-select.html",
        sudo=True,
        active="attendance",
        codes=codes,
    )
def get_user_list(include_all=False, organization=False):
    """Return ``(username, id)`` rows for users visible to the caller.

    Args:
        include_all: when true, skip the permission check and the filters on
            the signed-in user; the caller is then responsible for deciding
            who may see the result.
        organization: when true, restrict the result to members of the
            current organization.

    Without ``include_all`` the signed-in user must hold more than the
    default user role (otherwise 403), is excluded from the result, and, if
    not a site admin, only sees users below the moderator role.
    """
    if not include_all:
        if not user or user.roles.users <= UserRoles.default:
            abort(403)

    query = db.session.query(Users.username, Users.id)

    # NOTE(review): the admin filter is read as nested under
    # ``not include_all``; the flattened source does not show the indentation.
    if not include_all:
        query = query.filter(Users.id != user.id)
        if not user.admin:
            query = query.join(Roles).filter(
                Roles.users < UserRoles.moderator)

    if organization:
        query = query.join(OrganizationUsers).filter(
            OrganizationUsers.oid == get_org_id(),
            OrganizationUsers.uid == Users.id)

    return query.all()
def serve_news_sudo_edit_request(org, id):
    """Show and process the edit form for one news item of the organization.

    The item is looked up by ``id`` within ``get_org_id()``, so an item of
    another organization yields the 404 page. Editing is allowed for news
    moderators, and for users at or above the default news role who are
    authors of this item; everyone else gets a 403.
    """
    article = News.query.filter_by(oid=get_org_id(), id=id).first()
    if not article:
        return error_page(404, "There is no news item with the ID %d." % id)

    # NOTE(review): assumes user.organization_roles is never None here;
    # confirm what happens for a user without a role row in this organization.
    may_edit = (
        user.organization_roles.news >= NewsRoles.moderator
        or (user.organization_roles.news >= NewsRoles.default
            and article.has_author(user.id))
    )
    if not may_edit:
        abort(403)

    form = NewsSudoEditForm(article)
    if not form.validate_on_submit():
        flash_form_errors(form, "Changes were not saved!")
    elif news_sudo_edit(article, form):
        # news_sudo_edit returns True only when the item was deleted.
        flash("Successfully deleted news item!", category="SUCCESS")
        return redirect("/organization/%s/admin/news/" % org, code=303)
    else:
        flash("Successfully updated news item!", category="SUCCESS")

    return render_template(
        "adminpages/news-edit.html",
        sudo=True,
        active="news",
        article=article,
        form=form,
    )
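def news_sudo_edit(article, form):
    """Apply a validated news edit form to ``article`` and commit.

    Returns:
        True when the form requested deletion and the article was removed;
        None after an ordinary update.

    This function performs no access check on the article itself; only the
    author list is gated on the news moderator role, so callers must
    authorize the edit first.
    """
    if form.delete.data:
        News.remove(article)
        db_commit()
        return True

    article.nid = form.nid.data
    article.title = form.title.data
    article.body = form.body.data

    if user.organization_roles.news >= NewsRoles.moderator:
        # De-duplicate while keeping submission order: a repeated id in the
        # form would otherwise be inserted as a second author row.
        # NOTE(review): int() raises ValueError on a non-numeric token, and
        # the ids are not checked against this organization's members here;
        # confirm the form validator covers both.
        wanted = list(dict.fromkeys(
            int(token) for token in form.authors.data.split()))
        for news_author in NewsAuthors.query.filter_by(nid=article.id).all():
            if news_author.uid in wanted:
                # Already an author; nothing to insert for this id.
                wanted.remove(news_author.uid)
            else:
                NewsAuthors.remove(news_author)
        for new_author in wanted:
            NewsAuthors.add(nid=article.id, uid=new_author, oid=get_org_id())
    db_commit()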
def serve_organization_sudo(org):
    """Show and process the settings form of the current organization.

    Only users whose organization admin role is at least
    ``OrganizationManagerRoles.admin`` may use this page; others get a 403.
    A valid submission overwrites the name, description, join code and the
    two join switches, then commits.
    """
    if user.organization_roles.admin < OrganizationManagerRoles.admin:
        abort(403)

    form = OrganizationSudoForm()
    organization = Organizations.query.filter_by(id=get_org_id()).first()

    if form.validate_on_submit():
        organization.name = form.name.data
        organization.desc = form.description.data
        # The join code is stored exactly as submitted.
        organization.join_code = form.join_code.data
        organization.can_join_code = form.can_join_code.data
        organization.can_apply = form.can_apply.data
        db_commit()
        flash("Successfully updated organization!", category="SUCCESS")

    # Pre-fill text fields that carry no submitted value.
    if form.name.data is None:
        form.name.data = organization.name
    if form.description.data is None:
        form.description.data = organization.desc
    if form.join_code.data is None:
        form.join_code.data = organization.join_code
    # NOTE(review): the two switches are read as always reset to the stored
    # values; the flattened source does not show the indentation.
    form.can_join_code.data = organization.can_join_code
    form.can_apply.data = organization.can_apply

    flash_form_errors(form)
    return render_template(
        "adminpages/organization.html",
        sudo=True,
        active="organization",
        form=form,
    )
def count(self, user):
    """Count this model's rows for a user within the current organization.

    ``user`` may be an integer user id or an object exposing ``.id``.
    """
    uid = user if isinstance(user, int) else user.id
    scoped = self.query.filter_by(uid=uid, oid=get_org_id())
    return scoped.count()
def organization_roles(self):
    """Return this user's ``OrganizationRoles`` row for the current organization.

    The result is ``None`` when no row matches, so callers that read role
    attributes from it need to handle that case.
    """
    matching = OrganizationRoles.query.filter_by(
        uid=self.id, oid=get_org_id())
    return matching.first()
def serve_news(oid, nid):
    """Render a single news article of the current organization.

    The article is looked up by ``nid`` within ``get_org_id()``; the ``oid``
    argument is not read here. A missing article produces a 404 through
    ``first_or_404()``.
    """
    article = News.query.filter_by(oid=get_org_id(), nid=nid).first_or_404()
    return render_template("main/news.html", active="", data=article)