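def list_participants():
    """Render the participant list that matches the caller's role.

    Roles 0 and 1 are refused with the error page. Role 2 gets the result of
    ``lessons.list_own_participants`` for its own user id; role 3 gets the
    result of ``lessons.list_all_participants``. Any other role value is
    refused too (default deny) instead of falling off the end of the view and
    returning ``None``, which is what the original did.
    """
    # Read the role once so every branch decides on the same value.
    role = users.user_role()
    if role == 2:
        participants = lessons.list_own_participants(users.user_id(), db)
    elif role == 3:
        participants = lessons.list_all_participants(db)
    else:
        # Roles 0 and 1, plus any value this view does not know about.
        return render_template("error.html", message="Ei oikeutta nähdä sivua.")
    return render_template("list_participants.html", participants=participants)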
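def invite(id):
    """Add users to, or remove them from, the secret board ``id``.

    Only role 2 may use this view; every other caller is redirected to the
    ``error`` endpoint before any board data is loaded. GET renders the
    invitation form. POST verifies the CSRF token, validates the selected
    user id and then performs the action named by the ``submit`` field
    (``add`` or ``remove``), re-rendering the form afterwards.
    """
    # Authorise first: the original queried the board, its member list and the
    # full user list before looking at the caller's role.
    if users.user_role() != 2:
        return redirect(url_for('error'))

    board = boards.get_board(id)
    if not board:
        # board[0] below would raise on a missing board; answer 404 instead.
        abort(404)
    board_users = boards.get_secret_board_users(id)
    userlist = users.get_users()

    def render(members, errormessage=None):
        # errormessage is only passed to the template when there is one, as
        # in the original calls.
        context = {
            "id": id,
            "boardname": board[0],
            "board_users": members,
            "userlist": userlist,
        }
        if errormessage is not None:
            context["errormessage"] = errormessage
        return render_template("invite.html", **context)

    if request.method == "POST":
        # Check the CSRF token before any other form field is used.
        if session["csrf_token"] != request.form["csrf_token"]:
            abort(403)

        # A non-numeric value used to raise ValueError (HTTP 500); treat it
        # like "no user selected".
        try:
            selected = int(request.form["users"])
        except ValueError:
            selected = 0
        if selected == 0:
            return render(board_users, "Valitse käyttäjä!")

        # Check whether the user is already on the board.
        # NOTE(review): as in the original, the id is compared with every
        # column of every row; if the rows carry more than the user id, an
        # unrelated column with the same value would match — confirm against
        # boards.get_secret_board_users.
        user_invited = any(
            selected == column for row in board_users for column in row
        )

        action = request.form["submit"]
        if action == 'remove':
            if not user_invited:
                return render(board_users, "Käyttäjä ei ole alueella!")
            # The validated integer is passed on, not the raw form string.
            changed = boards.remove_user(selected, id)
        elif action == 'add':
            if user_invited:
                return render(board_users, "Käyttäjä on jo lisätty!")
            changed = boards.invite_user(selected, id)
        else:
            # Unknown submit value: the original returned None here.
            abort(400)

        if changed:
            board_users = boards.get_secret_board_users(id)
        # Always answer with the form so a failed add/remove does not end in
        # a view that returns nothing.
        return render(board_users)

    return render(board_users)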
def logout():
    """End the caller's session via ``users.logout()`` and redirect to ``/``.

    A caller whose role is 0 gets the error page instead and
    ``users.logout()`` is not called.
    """
    if users.user_role() != 0:
        users.logout()
        return redirect("/")
    return render_template("error.html", message="Ei oikeutta nähdä sivua.")
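def index():
    """Render the front page, with a course list for logged-in users.

    A logged-in user with role 1 gets ``courses.get_owned()``; every other
    logged-in user gets ``courses.get_list()``. A visitor whose user id is 0
    gets the bare front page.
    """
    # The original compared the function object ``users.user_id`` itself with
    # 0. That is always unequal, so the logged-in check never failed and the
    # course listing was rendered for every visitor. Call the function.
    # Assumes users.user_id() returns 0 when nobody is logged in, as the
    # comparison implies — confirm against the users module.
    if users.user_id() == 0:
        return render_template("index.html")

    # Local name no longer shadows the builtin ``list``.
    if users.user_role() == 1:
        course_list = courses.get_owned()
    else:
        course_list = courses.get_list()
    return render_template(
        "index.html", count=len(course_list), courses=course_list
    )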
def get_secret_boards():
    """Return the ``id, boardname`` rows of the secret boards the caller may see.

    Role 2 gets every board with ``secret=1``. Any other role gets only the
    secret boards that have a ``SecretBoardUsers`` row for the caller's id.
    """
    current_user = users.user_id()
    if users.user_role() != 2:
        query = "SELECT b.id, b.boardname FROM boards b, SecretBoardUsers s WHERE secret=1 AND b.id=s.board_id AND s.user_id=:user_id"
    else:
        query = "SELECT id, boardname FROM boards WHERE secret=1"
    # The user id travels as a bound parameter; it is never formatted into the
    # SQL text. The role-2 query has no :user_id placeholder but is given the
    # same parameter dict, as before.
    rows = db.session.execute(query, {"user_id": current_user})
    return rows.fetchall()
def confirm():
    """List unconfirmed users (GET) or confirm one user's level (POST).

    Roles 0 and 1 get the error page. A POST must carry the session's CSRF
    token, otherwise the request is aborted with 403.
    """
    if users.user_role() in (0, 1):
        return render_template("error.html", message="Ei oikeutta nähdä sivua.")

    method = request.method
    if method == "GET":
        return render_template("confirm.html", users=users.list_unconfirmed(db))
    if method == "POST":
        if session["csrf_token"] != request.form["csrf_token"]:
            abort(403)
        target_id = request.form["id"]
        new_level = request.form["level"]
        # NOTE(review): both values reach users.confirm_level() exactly as
        # submitted; confirm that it validates them and binds them as query
        # parameters.
        users.confirm_level(target_id, new_level, db)
        return render_template("success.html",
                               message="Käyttäjän taso vahvistettu.")
def ls_reservations():
    """Render the caller's current reservations and past lessons.

    Role 0 gets the error page. The user id is read straight from
    ``session["user_id"]``.
    """
    if users.user_role() == 0:
        return render_template("error.html", message="Ei oikeutta nähdä sivua.")
    uid = session["user_id"]
    return render_template(
        "reservations.html",
        lessons=lessons.list_reservations(uid, db),
        past=lessons.list_past(uid, db),
    )
def info():
    """Render the caller's own profile page.

    Role 0 gets the error page. Every lookup is keyed on
    ``users.user_id()``, not on a request parameter, so the page shows only
    the caller's own data.
    """
    if users.user_role() == 0:
        return render_template("error.html", message="Ei oikeutta nähdä sivua.")
    current_user = users.user_id()
    return render_template(
        "info.html",
        info=users.get_user_info(current_user, db),
        cards=cards.get_cards(current_user, db),
        bought=cards.bought_cards(current_user, db),
    )
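def secret_board_access(board_id):
    """Return True when the caller may access secret board ``board_id``.

    Role 2 is always granted access. Any other role is granted access only if
    ``SecretBoardUsers`` holds a row for this board and the caller's user id.
    """
    user_id = users.user_id()
    if users.user_role() == 2:
        # The original also assigned a query string here that was never
        # executed; the dead assignment is dropped.
        return True

    # Both ids are bound parameters, not formatted into the SQL text.
    sql = "SELECT board_id, user_id FROM SecretBoardUsers WHERE board_id=:board_id AND user_id=:user_id"
    result = db.session.execute(sql, {
        "board_id": board_id,
        "user_id": user_id
    })
    # Identity test instead of ``!= None``.
    return result.fetchone() is not None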
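def cancel_lessons():
    """List lessons that can be cancelled (GET) or cancel one lesson (POST).

    Only roles 2 and 3 are served; every other role value gets the error
    page. On GET, role 2 sees ``lessons.list_taught`` for its own user id and
    role 3 sees ``lessons.list_all``. On POST the CSRF token is verified and
    the lesson named by the ``id`` field is cancelled.
    """
    # Allow-list the two roles this view handles. The original refused only
    # roles 0 and 1, so any other value could still reach the POST branch.
    role = users.user_role()
    if role not in (2, 3):
        return render_template("error.html", message="Ei oikeutta nähdä sivua.")

    if request.method == "GET":
        if role == 2:
            listed = lessons.list_taught(users.user_id(), db)
        else:
            listed = lessons.list_all(db)
        return render_template("own_lessons.html", lessons=listed)

    if request.method == "POST":
        if session["csrf_token"] != request.form["csrf_token"]:
            abort(403)
        # A non-numeric id used to raise ValueError (HTTP 500).
        try:
            lesson_id = int(request.form["id"])
        except ValueError:
            abort(400)
        # NOTE(review): nothing in this view checks that a role-2 caller
        # teaches lesson_id, although the role-2 listing above is limited to
        # lessons.list_taught(); confirm that lessons.cancel_lesson enforces
        # ownership.
        if lessons.cancel_lesson(lesson_id, db):
            return render_template("success.html",
                                   message="Tunnin poisto onnistui.")
        # The original returned None when the cancellation failed.
        return render_template("error.html",
                               message="Tunnin poisto epäonnistui.")

    abort(405)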
def purchase():
    """Show the purchase form (GET) or record a card purchase (POST).

    Role 0 gets the error page. A POST must carry the session's CSRF token,
    otherwise the request is aborted with 403.
    """
    if users.user_role() == 0:
        return render_template("error.html", message="Ei oikeutta nähdä sivua.")

    method = request.method
    if method == "POST":
        if session["csrf_token"] != request.form["csrf_token"]:
            abort(403)
        buyer = session["user_id"]
        # NOTE(review): the count comes straight from the form and is only
        # converted with int(); confirm that cards.new() restricts it to the
        # values actually on sale (zero and negative numbers pass int()).
        count = int(request.form["card"])
        cards.new(buyer, count, db)
        return render_template("success.html", message="Osto onnistui.")
    if method == "GET":
        return render_template("purchase.html")
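def cr_lessons():
    """Show the lesson form (GET) or create a lesson (POST).

    Roles 0 and 1 get the error page. A POST must carry the session's CSRF
    token. The ``time``, ``max`` and ``level`` fields are converted to
    integers before ``lessons.create`` is called; empty or non-numeric values
    produce the error page instead of an unhandled exception.
    """
    if users.user_role() in (0, 1):
        return render_template("error.html", message="Ei oikeutta nähdä sivua.")
    if request.method == "GET":
        return render_template("create_lessons.html")
    if request.method == "POST":
        if session["csrf_token"] != request.form["csrf_token"]:
            abort(403)
        # Local names avoid shadowing the builtins ``max`` and ``id``.
        lesson_date = request.form["date"]
        raw_time = request.form["time"]
        raw_max = request.form["max"]
        if raw_time == '' or raw_max == '':
            return render_template(
                "error.html", message="Täytä kaikki tiedot tuntia varten.")
        try:
            lesson_time = int(raw_time)
            # The original repeated ``time = int(time)`` here, so ``max`` was
            # handed to lessons.create() as an unconverted form string.
            # Assumes lessons.create expects an integer, like the other
            # numeric fields — confirm.
            lesson_max = int(raw_max)
            level = int(request.form["level"])
        except ValueError:
            return render_template(
                "error.html",
                message="Virhe tunnin luonnissa. Tarkasta täydennetyt tiedot.")
        # NOTE(review): the date is passed on as submitted; confirm that
        # lessons.create validates it.
        teacher_id = users.user_id()
        if lessons.create(lesson_date, lesson_time, lesson_max, level,
                          teacher_id, db):
            return render_template("success.html",
                                   message="Tunnin lisäys onnistui.")
        else:
            return render_template(
                "error.html",
                message="Virhe tunnin luonnissa. Tarkasta täydennetyt tiedot.")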
def create_board():
    """Show the board form (GET) or create a board (POST).

    Only role 2 may use this view; other callers are redirected to the
    ``error`` endpoint. A POST must carry the session's CSRF token, otherwise
    the request is aborted with 403. The board is secret when the form
    contains a ``secret`` field.
    """
    if users.user_role() != 2:
        return redirect(url_for('error'))

    method = request.method
    if method == "GET":
        return render_template("create-board.html")
    if method == "POST":
        # NOTE(review): the name is passed on as submitted; confirm that
        # boards.create_board() checks for empty or overlong names.
        name = request.form["boardname"]
        if session["csrf_token"] != request.form["csrf_token"]:
            abort(403)
        secret_flag = 0 if request.form.get("secret") is None else 1
        created = boards.create_board(name, secret_flag)
        return redirect("/") if created else render_template("create-board.html")
def set_role():
    """Show the role form (GET) or change a user's role (POST).

    Only role 3 may use this view; everyone else gets the error page. A POST
    must carry the session's CSRF token, otherwise the request is aborted
    with 403.
    """
    if users.user_role() != 3:
        return render_template("error.html", message="Ei oikeutta nähdä sivua.")

    method = request.method
    if method == "GET":
        return render_template("set_role.html")
    if method == "POST":
        if session["csrf_token"] != request.form["csrf_token"]:
            abort(403)
        target_name = request.form["username"]
        new_role = request.form["role"]
        # NOTE(review): the role value reaches users.set_role() exactly as
        # submitted; confirm that it only accepts the roles the application
        # defines.
        if not users.set_role(target_name, new_role, db):
            return render_template("error.html", message="Käyttäjää ei löydy.")
        return render_template("success.html",
                               message="Käyttäjän rooli muutettu.")