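def create():
    """Create a task inside a folder the logged-in user may open.

    Reads ``id_folder`` and ``task_name`` from the submitted form. Every
    outcome is reported through a flash message followed by a redirect to the
    referring page. Unauthenticated requests are aborted with 403.
    """
    if not authenticated(session):
        abort(403)

    # int() raises on a missing or non-numeric field, so the conversion itself
    # must be guarded; checking for None after converting is never reached.
    try:
        id_folder = int(request.form.get("id_folder"))
    except (TypeError, ValueError):
        flash("The folder must have an id!", category="error")
        return redirect(request.referrer)

    task_name = request.form.get("task_name")
    if not task_name:
        flash("The task must have a name!", category="error")
        return redirect(request.referrer)

    conn = connection()
    # Authorisation comes before any lookup on the client-supplied folder id.
    if not User.has_permision_to_open_folder(conn, session['user']['id'], id_folder):
        flash("You can't access that folder!", category="error")
        return redirect(request.referrer)

    if Task.exists(conn, id_folder, task_name):
        flash("The task already exists!", category="error")
        return redirect(request.referrer)

    try:
        Task.create(conn, id_folder, task_name)
        flash("One task has been added!", category="success")
    except Exception:
        # Narrowed from a bare except so interpreter-exit signals propagate.
        flash("There was an error adding your task", category="error")

    # NOTE(review): request.referrer comes from the Referer header and is None
    # when the client omits it -- confirm redirect() copes with that.
    return redirect(request.referrer)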
def home():
    """Render the landing page, or the maintenance page while the site is off.

    The maintenance page is shown only when the page settings are disabled
    and the session is not authenticated.
    """
    settings = PageSetting.find_settings()
    site_disabled = not settings.enabled
    if site_disabled and not authenticated(session):
        return render_template("errors/maintenance.html")
    return render_template("layout/index.html", settings=settings)
def create():
    """Create a user from the submitted form, then redirect to the user index.

    Unauthenticated requests are aborted with 401.
    """
    if not authenticated(session):
        abort(401)
    # NOTE(review): the whole request.form is handed to User.create, so the
    # accepted fields are decided inside the model -- confirm it only reads an
    # explicit set of them. Only authentication is checked here; no role or
    # permission check is visible in this handler.
    db = connection()
    User.create(db, request.form)
    return redirect(url_for("user_index"))
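def update():
    """Rename a task that belongs to the logged-in user.

    Reads ``id_task``, ``id_folder`` and ``task_name`` from the submitted
    form. Every outcome is reported through a flash message followed by a
    redirect to the referring page. Unauthenticated requests are aborted
    with 403.
    """
    if not authenticated(session):
        abort(403)

    # int() raises on a missing or non-numeric field, so each conversion is
    # guarded instead of being followed by an unreachable None check.
    try:
        id_task = int(request.form.get("id_task"))
    except (TypeError, ValueError):
        flash("The task must have an id!", category="error")
        return redirect(request.referrer)

    try:
        id_folder = int(request.form.get("id_folder"))
    except (TypeError, ValueError):
        flash("The folder must have an id!", category="error")
        return redirect(request.referrer)

    task_name = request.form.get("task_name")
    if not task_name:
        flash("The task must have a name!", category="error")
        return redirect(request.referrer)

    conn = connection()
    # id_task is client-supplied: confirm ownership before changing the row.
    # This is the same ownership check the task delete handler applies.
    if not Task.belongs_to_user(conn, id_task, session['user']['id']):
        flash("You can't access that task!", category="error")
        return redirect(request.referrer)

    # NOTE(review): the duplicate-name check uses the id_folder sent by the
    # client, not the folder the task is stored in -- confirm they must match.
    if Task.exists(conn, id_folder, task_name):
        flash("The task already exists!", category="error")
    else:
        try:
            Task.update(conn, id_task, task_name)
            flash("The task was updated!", category="success")
        except Exception:
            # Narrowed from a bare except so interpreter-exit signals propagate.
            flash("There was an error editing your task", category="error")
    return redirect(request.referrer)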
def is_owner(id_house):
    """Return True when the logged-in user owns the house ``id_house``.

    Unauthenticated requests are aborted with 401.
    """
    if not authenticated(session):
        abort(401)
    db = connection()
    owns_house = User.is_owner(db, session['user']['id'], id_house)
    # Collapse whatever the model returns to a strict boolean.
    return True if owns_house else False
def main_menu():
    """Render the menu page listing the logged-in user's folders.

    Unauthenticated requests are aborted with 403.
    """
    if not authenticated(session):
        abort(403)
    db = connection()
    # Folders are looked up by the session's user id, never a request value.
    user_folders = Folder.find_by_id_user(db, session['user']['id'])
    return render_template("user/menu.html", folders=user_folders)
def favorite_houses():
    """Render the list of houses the logged-in user marked as favourites.

    Unauthenticated requests are aborted with 401.
    """
    if not authenticated(session):
        abort(401)
    db = connection()
    favourites = User.favorite_houses(db, session['user']['id'])
    return render_template(
        "houses/all_houses.html",
        title="Tu lista de favoritos",
        houses=favourites,
    )
def wrap(*args, **kwargs):
    """Call ``func`` only for an authenticated session that holds ``idPermiso``.

    ``func`` and ``idPermiso`` are not defined here; presumably they belong to
    an enclosing decorator. A failed check renders the generic error page
    instead of calling ``func``.
    """
    # The short-circuiting ``or`` keeps permissions() from being consulted
    # for a session that is not authenticated.
    if not authenticated(session) or idPermiso not in permissions():
        return render_template("errors/error.html")
    return func(*args, **kwargs)
def index():
    """Render the page listing every user.

    Unauthenticated requests are aborted with 401.
    """
    if not authenticated(session):
        abort(401)
    # NOTE(review): any authenticated session gets the full user list; no
    # role or permission check is visible here -- confirm that is intended.
    db = connection()
    all_users = User.all(db)
    return render_template("user/index.html", users=all_users)
def buy_house():
    """Buy the house named by the form field ``id_house`` for the logged-in user.

    Every outcome is reported through a flash message followed by a redirect
    to the referring page. Unauthenticated requests are aborted with 401.
    """
    if not authenticated(session):
        abort(401)

    id_house = request.form.get("id_house")
    if not id_house:
        flash("No hay una casa seleccionada")
        return redirect(request.referrer)

    db = connection()
    # The buyer is always the session's user; only the house id is
    # client-supplied, and it is checked against the database first.
    if not House.exist(db, id_house):
        flash("No puedes comprar esta propiedad", category="error")
    elif User.buy_house(db, session['user']['id'], id_house):
        flash("Compra exitosa", category="success")
    else:
        flash("Ha ocurrido un error", category="error")
    return redirect(request.referrer)
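def add_fav_house():
    """Toggle a house in the logged-in user's favourites.

    Expects a JSON body carrying ``id_house``. Responds with
    ``{"text": "deleted"}`` when the house was already a favourite and has
    been removed, or ``{"text": "added"}`` when it has been added.
    Unauthenticated requests are aborted with 401, a body without
    ``id_house`` with 400, and a failure in the model calls with 500.
    """
    if not authenticated(session):
        abort(401)

    params = request.get_json()
    # Validate outside the try block below: abort() raises an exception, and
    # the handler there would turn it into a 500.
    if not isinstance(params, dict) or 'id_house' not in params:
        abort(400)
    id_house = params['id_house']

    # Act on the session's user. An ``id_user`` sent in the body is ignored,
    # because trusting it would let any logged-in user edit another user's
    # favourites.
    id_user = session['user']['id']

    try:
        conn = connection()
        if User.has_favorite(conn, id_user, id_house):
            User.delete_fav_house(conn, id_user, id_house)
            return jsonify({"text": "deleted"})
        User.add_fav_house(conn, id_user, id_house)
        return jsonify({"text": "added"})
    except Exception:
        # Narrowed from a bare except so interpreter-exit signals propagate.
        abort(500)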
def validar_permisos(un_permiso):
    """Abort the request unless the current session may use ``un_permiso``.

    The checks run in this order, and the first failure aborts:
      * 503 when the site is closed and the session is not an admin;
      * 401 when the session is not authenticated;
      * 403 when the user is not active;
      * 403 when ``un_permiso`` is non-empty and the user lacks it.

    An empty ``un_permiso`` skips the last check. Returns None on success.
    """
    site_blocked = sitio_cerrado() and no_es_admin()
    if site_blocked:
        abort(503)

    # A session without a valid session cookie gets an error response.
    if not authenticated(session):
        abort(401)

    if not usuario_activo(session):
        abort(403)

    permission_requested = un_permiso != ''
    if permission_requested and no_tiene_el_permiso_solicitado(un_permiso):
        abort(403)
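def create():
    """Create a folder for the logged-in user.

    Reads ``folder_name`` from the submitted form. Every outcome is reported
    through a flash message followed by a redirect to the user's main menu.
    Unauthenticated requests are aborted with 403.
    """
    if not authenticated(session):
        abort(403)

    folder_name = request.form.get("folder_name")
    if not folder_name:
        flash("The folder must have a name!", category="error")
        return redirect(url_for("user-main-menu"))

    conn = connection()
    # The owner is always the session's user, never a request value.
    owner_id = session['user']['id']
    if Folder.exists(conn, owner_id, folder_name):
        flash("The folder already exists!", category="error")
    else:
        try:
            Folder.create(conn, owner_id, folder_name)
            flash("The folder was created!", category="success")
        except Exception:
            # Narrowed from a bare except so interpreter-exit signals propagate.
            flash("There was an error", category="error")
    return redirect(url_for("user-main-menu"))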
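def check():
    """Set the checked state of one of the logged-in user's tasks.

    Expects a JSON body with ``id_task`` and ``checked`` and responds with
    ``{"state": checked}``. Unauthenticated requests are aborted with 403.
    A missing or malformed field, or a task the session's user does not own,
    aborts with 404.
    """
    if not authenticated(session):
        abort(403)

    data = request.get_json()
    if not isinstance(data, dict):
        abort(404)

    # int() raises on a missing or non-numeric id, so the conversion is
    # guarded instead of being followed by an unreachable None check.
    try:
        id_task = int(data.get('id_task'))
    except (TypeError, ValueError):
        abort(404)

    checked = data.get('checked')
    if checked is None or checked == "":
        abort(404)

    conn = connection()
    # id_task is client-supplied: confirm ownership before changing the row.
    # This is the same ownership check the task delete handler applies; 404
    # avoids confirming that another user's task exists.
    if not Task.belongs_to_user(conn, id_task, session['user']['id']):
        abort(404)

    Task.check(conn, id_task, checked)
    return jsonify({"state": checked})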
def GET(self):
    """Render the classes view for the authenticated user.

    Looks the user up by the e-mail returned from ``auth.authenticated()``,
    collects the assignments of that user's classes, and tags each assignment
    with a ``className`` attribute for the view.
    """
    teacher = models.User.objects.get(email=auth.authenticated())

    # All the classes the user is teaching, materialised once for the lookups.
    classes = list(teacher.classes)

    # Every assignment that belongs to one of those classes.
    assignments = models.Assignment.objects(forClass__in=teacher.classes)

    for assignment in assignments:
        attrs = vars(assignment)
        # Refuse to overwrite an attribute that already exists.
        # NOTE(review): assert statements are skipped under ``python -O``.
        assert "className" not in attrs
        # NOTE(review): presumably utils.first returns None when nothing
        # matches, which would fail on ``.name`` -- confirm.
        owning_class = utils.first(classes, lambda c: c.id == assignment.forClass)
        attrs["className"] = owning_class.name

    return view.classes(assignments, classes)
def GET(self):
    """Render the classes view for the authenticated user.

    Looks the user up by the e-mail returned from ``auth.authenticated()``,
    collects the assignments of that user's classes, and tags each assignment
    with a ``className`` attribute for the view.
    """
    current_user = models.User.objects.get(email=auth.authenticated())

    # All the classes the user is teaching, materialised once for the lookups.
    classes = list(current_user.classes)

    # Every assignment that belongs to one of those classes.
    assignments = models.Assignment.objects(forClass__in=current_user.classes)

    for item in assignments:
        item_attrs = vars(item)
        # Refuse to overwrite an attribute that already exists.
        # NOTE(review): assert statements are skipped under ``python -O``.
        assert "className" not in item_attrs
        # NOTE(review): presumably utils.first returns None when nothing
        # matches, which would fail on ``.name`` -- confirm.
        matching_class = utils.first(classes, lambda k: k.id == item.forClass)
        item_attrs["className"] = matching_class.name

    return view.classes(assignments, classes)
def show():
    """Render a folder and its tasks for a user allowed to open it.

    Reads ``id_folder`` from the query string. Failures are reported through
    a flash message followed by a redirect to the referring page.
    Unauthenticated requests are aborted with 403.
    """
    if not authenticated(session):
        abort(403)

    id_folder = request.args.get("id_folder")
    if not id_folder:
        flash("The 'id' field is empty!", category="error")
        return redirect(request.referrer)

    db = connection()
    # Authorisation is decided before the folder itself is loaded.
    if not User.has_permision_to_open_folder(db, session['user']['id'], id_folder):
        flash("You don't have permission to access that folder!", category="error")
        return redirect(request.referrer)

    folder = Folder.find_by_id(db, id_folder)
    if not folder:
        flash("The folder doesn't exist!", category="error")
        return redirect(request.referrer)

    folder_tasks = Task.find_by_id_folder(db, folder['id'])
    return render_template("folder/folder-show.html", folder=folder, tasks=folder_tasks)
def delete_house():
    """Delete a house listing owned by the logged-in user.

    Reads ``id_house`` from the submitted form. A successful deletion
    redirects to the index; every refusal flashes an error and redirects to
    the referring page. Unauthenticated requests are aborted with 401.
    """
    if not authenticated(session):
        abort(401)

    id_house = request.form.get("id_house")
    if id_house is None or id_house == "":
        flash("La propiedad debe tener un ID", category="error")
        return redirect(request.referrer)

    db = connection()
    # Ownership is checked against the session's user before anything else.
    if not User.is_owner(db, session['user']['id'], id_house):
        flash("Solo el dueño de la publicación puede borrarla!", category="error")
        return redirect(request.referrer)

    # A sold property can no longer be removed.
    if House.was_sold(db, id_house):
        flash("No puede eliminar una propiedad vendida!", category="error")
        return redirect(request.referrer)

    House.delete(db, id_house)
    flash("Se ha eliminado la publicación exitosamente!", category="success")
    return redirect(url_for("index"))
def show():
    """Render the detail page of the house named by the ``id`` query argument.

    A house whose ``deleted_at`` is unset is shown to anyone. One whose
    ``deleted_at`` is set is shown only to an authenticated user for whom
    ``User.bought_house`` is truthy: 401 without a session, 404 otherwise.
    A missing ``id`` or an unknown house also aborts with 404.
    """
    house_id = request.args.get("id")
    if house_id is None:
        abort(404)

    db = connection()
    house = House.find_by_id(db, house_id)
    if not house:
        abort(404)

    if house["deleted_at"] is None:
        return render_template("houses/show_house.html", house=house)

    # From here on the listing is marked deleted: restrict who may see it.
    if not authenticated(session):
        abort(401)
    if not User.bought_house(db, house['id'], session['user']['id']):
        abort(404)
    return render_template("houses/show_house.html", house=house)
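def delete():
    """Delete a task that belongs to the logged-in user.

    Reads ``id_task`` from the submitted form. Every outcome is reported
    through a flash message followed by a redirect to the referring page.
    Unauthenticated requests are aborted with 403.
    """
    if not authenticated(session):
        abort(403)

    id_task = request.form.get("id_task")
    if not id_task:
        flash("The task must have an ID!", category="error")
        return redirect(request.referrer)

    conn = connection()
    task = Task.find_by_id(conn, id_task)
    if not task:
        flash("The task doesn't exist!", category="error")
    elif not Task.belongs_to_user(conn, id_task, session['user']['id']):
        # id_task is client-supplied, so ownership is checked before deleting.
        flash("You can't access that task!", category="error")
    else:
        try:
            Task.delete(conn, id_task)
            flash("A task was deleted!", category="success")
        except Exception:
            # Narrowed from a bare except so interpreter-exit signals propagate.
            flash("There was an error!", category="error")
    return redirect(request.referrer)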
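def delete():
    """Delete a folder owned by the logged-in user.

    Reads ``id_folder`` from the submitted form. Every outcome is reported
    through a flash message followed by a redirect to the user's main menu.
    Unauthenticated requests are aborted with 403.
    """
    if not authenticated(session):
        abort(403)

    id_folder = request.form.get("id_folder")
    if not id_folder:
        flash("The folder must have an ID!", category="error")
        return redirect(url_for("user-main-menu"))

    conn = connection()
    folder = Folder.find_by_id(conn, id_folder)
    if not folder:
        flash("The folder doesn't exist!", category="error")
    elif folder['id_user'] != session['user']['id']:
        # id_folder is client-supplied: only the stored owner may delete it.
        flash("You don't have access to that folder!", category="error")
    else:
        try:
            Folder.delete(conn, session['user']['id'], id_folder)
            flash("The folder was deleted!", category="success")
        except Exception:
            # Narrowed from a bare except so interpreter-exit signals propagate.
            flash("There was an error!", category="error")
    return redirect(url_for("user-main-menu"))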
def no_es_admin():
    """Return True unless the session is authenticated and has the 'admin' role."""
    # An unauthenticated session is never an admin; the role is only looked up
    # once the session is known to be authenticated.
    if not authenticated(session):
        return True
    return not User.tiene_rol(session["usuario"], 'admin')
def houses_on_sale():
    """Render the list of houses the logged-in user has on sale.

    Unauthenticated requests are aborted with 401.
    """
    if not authenticated(session):
        abort(401)
    db = connection()
    listings = User.houses_on_sale(db, session['user']['id'])
    return render_template(
        "houses/all_houses.html",
        title="Tus publicaciones",
        houses=listings,
    )
def login():
    """Render the login form, or send an already logged-in user to ``home``."""
    if authenticated(session):
        flash("Ya tenes una sesión activa.", "warning")
        return redirect(url_for('home'))
    login_form = LoginForm()
    return render_template('auth/login.html', form=login_form)
def purchases():
    """Render the list of houses the logged-in user has bought.

    Unauthenticated requests are aborted with 401.
    """
    if not authenticated(session):
        abort(401)
    db = connection()
    bought = House.purchases(db, session['user']['id'])
    return render_template(
        "houses/all_houses.html",
        title="Tus compras",
        houses=bought,
    )
def new():
    """Render the form for creating a user.

    Unauthenticated requests are aborted with 401.
    """
    session_is_valid = authenticated(session)
    if not session_is_valid:
        abort(401)
    return render_template("user/new.html")
def permissions():
    """Return the permission names of the session's user.

    Returns None when the session is not authenticated, so a caller doing a
    membership test on the result must rule that case out first.
    """
    if not authenticated(session):
        return None
    user_id = int(session["id"])
    return UsersRoles.return_name_permission_by_iduser(user_id)