def post(self):
session = self.get_session()
try:
mail = self.get_argument('mail')
uid = None
for row in session.query(User).filter(User.mail == mail):
uid = row.id
if uid:
session.query(SetPasswordToken).filter(
SetPasswordToken.id == uid).delete()
token = uuid4()
instance = SetPasswordToken(uid=uid, token=token)
db_insert(session, instance)
url = 'http://%s/spt/set_password/?id=%s&token=%s' % (
Config.HOST, uid, str(token))
with open('mail_template/set_password.mail') as f:
plain_content = f.read() % url
with open('mail_template/set_password.html') as f:
html_content = f.read() % (url, url)
smtp = SMTPMail()
smtp.send(mail, '[2017 資訊之芽] 重設密碼', plain_content,
html_content)
self.return_status(self.STATUS_SUCCESS)
else:
self.return_status(self.STATUS_FAILED)
except Exception as e:
if DEBUG:
print(e)
self.return_status(self.STATUS_ERROR)
session.close()
def post(self):
session = self.get_session()
uid = self.get_secure_cookie('uid')
if uid == None:
self.return_status(self.STATUS_NOT_LOGINED)
else:
uid = int(uid)
user = get_user(session, uid)
try:
class_type = int(self.get_argument('class_type'))
if datetime.now() > Config.DEADLINE:
self.return_status(self.STATUS_DEADLINE)
return
if not user.rule_test:
self.return_status(self.STATUS_PERMISSION_DENIED)
elif class_type == 3 and not user.pre_test:
self.return_status(self.STATUS_PERMISSION_DENIED)
else:
data = json.loads(self.get_argument('data'))
for obj in data:
res = session.query(ApplicationQuestion) \
.filter(and_(ApplicationQuestion.id == obj['id'],
ApplicationQuestion.class_type == class_type))
if res.count() > 0:
res = session.query(ApplicationAnswer) \
.filter(and_(ApplicationAnswer.uid == uid,
ApplicationAnswer.qid == obj['id']))
if res.count() > 0:
for row in res:
row.description = obj['answer']
session.commit()
else:
instance = ApplicationAnswer(
uid=uid,
qid=obj['id'],
description=obj['answer'])
db_insert(session, instance)
if (user.signup_status & (1 << (class_type - 1))) == 0:
for row in session.query(User).filter(User.id == uid):
row.signup_status = user.signup_status | (
1 << (class_type - 1))
session.commit()
self.return_status(self.STATUS_SUCCESS)
except Exception as e:
if DEBUG:
print(e)
self.return_status(self.STATUS_ERROR)
session.close()
def post(self):
session = self.get_session()
uid = self.get_secure_cookie('uid')
if uid == None:
self.return_status(self.STATUS_NOT_LOGINED)
else:
uid = int(uid)
user = get_user(session, uid)
if user.power < 1:
self.return_status(self.STATUS_PERMISSION_DENIED)
else:
try:
app_id = int(self.get_argument('id'))
order = self.get_argument('order')
class_type = self.get_argument('class_type')
description = self.get_argument('description')
if app_id == -1:
instance = ApplicationQuestion(order=order,
class_type=class_type,
description=description,
status=1)
db_insert(session, instance)
else:
for row in session.query(ApplicationQuestion).filter(
ApplicationQuestion.id == app_id):
row.order = order
row.class_type = class_type
row.description = description
session.commit()
self.return_status(self.STATUS_SUCCESS)
except Exception as e:
if DEBUG:
print(e)
self.return_status(self.STATUS_ERROR)
session.close()
def post(self):
session = self.get_session()
uid = self.get_secure_cookie('uid')
if uid == None:
self.return_status(self.STATUS_NOT_LOGINED)
else:
uid = int(uid)
user = get_user(session, uid)
if user.power < 1:
self.return_status(self.STATUS_PERMISSION_DENIED)
else:
try:
poll_id = int(self.get_argument('id'))
order = self.get_argument('order')
year = self.get_argument('year')
subject = self.get_argument('subject')
body = self.get_argument('body')
if poll_id != -1:
for row in session.query(Poll).filter(and_(Poll.id == poll_id, Poll.status == 1)):
row.order = order
row.year = year
row.subject = subject
row.body = body
session.commit()
else:
instance = Poll(order = order, year = year, subject = subject \
, body = body, status = 1)
db_insert(session, instance)
self.return_status(self.STATUS_SUCCESS)
except Exception as e:
if DEBUG:
print(e)
self.return_status(self.STATUS_ERROR)
session.close()
def post(self):
session = self.get_session()
uid = self.get_secure_cookie('uid')
if uid == None:
self.return_status(self.STATUS_NOT_LOGINED)
else:
uid = int(uid)
user = get_user(session, uid)
if user.power < 1:
self.return_status(self.STATUS_PERMISSION_DENIED)
else:
try:
qa_id = int(self.get_argument('id'))
order = self.get_argument('order')
question = self.get_argument('question')
answer = self.get_argument('answer')
if qa_id != -1:
for row in session.query(Qa).filter(
and_(Qa.id == qa_id, Qa.status == 1)):
row.order = order
row.question = question
row.answer = answer
session.commit()
else:
instance = Qa(order = order, question = question \
, answer = answer, status = 1)
db_insert(session, instance)
self.return_status(self.STATUS_SUCCESS)
except Exception as e:
if DEBUG:
print(e)
self.return_status(self.STATUS_ERROR)
session.close()
def post(self):
session = self.get_session()
try:
mail = self.get_argument('mail')
password = self.get_argument('password')
hashed = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
# password = hashlib.md5(self.get_argument('password').encode('utf-8')).hexdigest()
# Check email format
if not re.match(
r'^[A-Za-z0-9\.\+_-]+@[A-Za-z0-9\._-]+\.[a-zA-Z]*$', mail):
self.return_status(self.STATUS_WRONG)
else:
# Check if this mail be registered or not
uid = None
for row in session.query(User).filter(User.mail == mail):
uid = row.id
if uid:
self.return_status(self.STATUS_FAILED)
else:
instance = User(mail = mail, password = str(hashed), power = -1 \
, rule_test = 0, pre_test = 0, signup_status = 0)
db_insert(session, instance)
for row in session.query(User).filter(User.mail == mail):
lastrowid = row.id
token = uuid4()
instance = AuthToken(uid=lastrowid, token=token)
db_insert(session, instance)
instance = UserData(uid=lastrowid, gender=1, school_type=1)
db_insert(session, instance)
url = 'http://%s/spt/register/?id=%s&token=%s' % (
Config.HOST, lastrowid, str(token))
with open('mail_template/register.mail') as f:
plain_content = f.read() % url
with open('mail_template/register.html') as f:
html_content = f.read() % (url, url)
smtp = SMTPMail()
smtp.send(mail, '[2017 資訊之芽] 註冊帳號確認信', plain_content,
html_content)
self.return_status(self.STATUS_SUCCESS)
except Exception as e:
if DEBUG:
print(e)
self.return_status(self.STATUS_ERROR)
session.close()
def post(self):
session = self.get_session()
uid = self.get_secure_cookie('uid')
if uid == None:
self.return_status(self.STATUS_NOT_LOGINED)
else:
uid = int(uid)
user = get_user(session, uid)
if user.power < 1:
self.return_status(self.STATUS_PERMISSION_DENIED)
else:
try:
qid = int(self.get_argument('id'))
order = self.get_argument('order')
description = self.get_argument('description')
options = {}
for arg in self.request.arguments:
obj = re.match(r'options\[(\d+?)\]\[(.+?)\]', arg)
if obj:
idx = obj.groups()[0]
val = obj.groups()[1]
options[idx] = options.get(idx, {})
options[idx][val] = self.get_argument(arg)
if qid == -1:
instance = RuleQuestion(order=order,
description=description,
status=1)
db_insert(session, instance)
# maybe race condition for get insert lastrowid
for row in session.query(RuleQuestion).order_by(
RuleQuestion.id.desc()).limit(1):
qid = row.id
else:
# clear old optionss
for row in session.query(RuleAnswer).filter(
RuleAnswer.qid == qid):
row.status = 0
session.commit()
for row in session.query(RuleQuestion).filter(
RuleQuestion.id == qid):
row.order = order
row.description = description
session.commit()
for key in options:
option = options[key]
instance = RuleAnswer(qid=qid,
description=option['answer'],
status=1,
is_answer=1 if
('is_answer' in option) else 0)
db_insert(session, instance)
self.return_status(self.STATUS_SUCCESS)
except Exception as e:
if DEBUG:
print(e)
self.return_status(self.STATUS_ERROR)
session.close()