Exemplo n.º 1
0
def delete(note_id: int):
    note_ = Note.get_or_none(Note.id == note_id)
    if note_.creator.id != current_user.id and note_.is_private:
        raise ForbiddenPermission(
            "You aren't allowed to access this page.",
            403,
        )
    if note_ is not None:
        note_.delete_instance()
Exemplo n.º 2
0
def delete():
    comment_id = int(request.args.get('commentId'))
    comment_ = Comment.get_or_none(Comment.id == comment_id)
    if (comment_.commenter.id != current_user.id
            and not current_user.role.is_manager):
        raise ForbiddenPermission(
            "You aren't allowed to access this page.",
            403,
        )
    if comment_ is not None:
        comment_.delete_instance()
Exemplo n.º 3
0
def auth(username: str, password: str) -> User:
    user = User.get_or_none(username=username)
    if user is None or not user.is_password_valid(password):
        raise UnauthorizedError(_('Invalid username or password'), 400)
    elif user.role.is_unverified:
        raise ForbiddenPermission(
            _(
                'You have to confirm your registration with the link sent '
                'to your email', ),
            403,
        )
    return user
Exemplo n.º 4
0
def get_or_create(solution_id: int) -> SharedSolution:
    if not webapp.config.get('SHAREABLE_SOLUTIONS', False):
        raise ForbiddenPermission('Shareable solutions are not allowed.', 403)

    solution = Solution.get_or_none(solution_id)
    if solution is None:
        raise ResourceNotFound(f'No such solution {solution_id}', 404)

    solver_id = solution.solver.id
    if solver_id != current_user.id and not current_user.role.is_manager:
        raise ForbiddenPermission(
            "You aren't allowed to access this page.",
            403,
        )

    shared_solution = SharedSolution.get_or_none(
        SharedSolution.solution == solution, )

    if shared_solution is None:
        shared_solution = SharedSolution.create_new(solution=solution)

    return shared_solution
Exemplo n.º 5
0
def get_download_data(
    download_id: str, ) -> Tuple[Iterator[SolutionFile], str]:
    solution = Solution.get_or_none(Solution.id == download_id)
    shared_solution = SharedSolution.get_or_none(
        SharedSolution.shared_url == download_id, )
    if solution is None and shared_solution is None:
        raise ResourceNotFound('Solution does not exist.', 404)

    if shared_solution is None:
        viewer_is_solver = solution.solver.id == current_user.id
        has_viewer_access = current_user.role.is_viewer
        if not viewer_is_solver and not has_viewer_access:
            raise ForbiddenPermission(
                'This user has no permissions to view this page.',
                403,
            )
        files = solution.files
        filename = solution.exercise.subject
    else:
        files = shared_solution.solution.files
        filename = shared_solution.solution.exercise.subject

    return files, filename