def add_championship(competition_id, championship_type): with client.context(): me = auth.user() if not me or not me.HasAnyRole(Roles.AdminRoles()): abort(403) competition = Competition.get_by_id(competition_id) if championship_type == 'national': championship_id = Championship.NationalsId(competition.year) elif championship_type == 'regional': championship_id = Championship.RegionalsId( competition.year, competition.state.get().region.get()) elif championship_type == 'state': championship_id = Championship.StateChampionshipId( competition.year, competition.state.get()) championship = (Championship.get_by_id(championship_id) or Championship(id=championship_id)) if championship_type == 'national': championship.national_championship = True elif championship_type == 'regional': championship.region = competition.state.get().region elif championship_type == 'state': championship.state = competition.state championship.competition = competition.key championship.put() # TODO: if we changed a championship we should update champions and eligibilities. return redirect('/admin/edit_championships')
def get_nav_items(self): items = [ ('Home', '/'), ('Competitions', [ ('Nationals', '/nationals'), ('Regional Championships', '/regional'), ]), ('Competitors', [ ('State Rankings', '/state_rankings'), ('WCA Competitor Tutorial', 'https://www.worldcubeassociation.org/edudoc/competitor-tutorial/tutorial.pdf' ), ]), ('Organizers', [ ('CubingUSA Supported Competitions', '/supported'), ('WCA Organizer Guidelines', 'https://www.worldcubeassociation.org/organizer-guidelines'), ]), ('About', [ ('About CubingUSA', '/about'), ('Who we are', '/about/who'), ('Donations', '/about/donations'), ('Contact Us', '/about/contact'), ('Logo', '/about/logo'), ('Public Documents', '/about/documents'), ]), ] if self.user and self.user.HasAnyRole(Roles.AdminRoles()): items += [('Admin', [ ('Edit Users', '/admin/edit_users'), ('Edit Championships', '/admin/edit_championships'), ])] return items
def edit_championships(): with client.context(): me = auth.user() if not me or not me.HasAnyRole(Roles.AdminRoles()): abort(403) all_us_competitions = (Competition.query( Competition.country == ndb.Key(Country, 'USA')).order( Competition.name).fetch()) national_championships = (Championship.query( Championship.national_championship == True).order( -Championship.year).fetch()) regional_championships = (Championship.query( Championship.region != None).order( Championship.region).order(-Championship.year).fetch()) state_championships = (Championship.query( Championship.state != None).order( Championship.state).order(-Championship.year).fetch()) states = State.query().fetch() regions = Region.query().fetch() return render_template('admin/edit_championships.html', c=common.Common(), all_us_competitions=all_us_competitions, national_championships=national_championships, regional_championships=regional_championships, state_championships=state_championships, states=states, regions=regions)
def delete_championship(championship_id): with client.context(): me = auth.user() if not me or not me.HasAnyRole(Roles.AdminRoles()): abort(403) championship = Championship.get_by_id(championship_id) championship.key.delete() # TODO: if we changed a championship we should update champions and eligibilities. return redirect('/admin/edit_championships')
def EditableRoles(user, editor): if not editor: return [] if editor.HasAnyRole([Roles.GLOBAL_ADMIN]): return Roles.AllRoles() elif editor.HasAnyRole([Roles.WEBMASTER, Roles.DIRECTOR]): return [Roles.WEBMASTER, Roles.DIRECTOR] else: return []
def edit_users_table(filter_text=''): with client.context(): me = auth.user() if not me or not me.HasAnyRole(Roles.AdminRoles()): abort(403) if filter_text: users_to_show = User.query(ndb.OR( User.name == filter_text, User.city == filter_text, User.wca_person == ndb.Key(Person, filter_text)), order_by=[User.name]).fetch(30) else: users_to_show = User.query(order_by=[User.name]).fetch(30) return render_template('admin/edit_users_table.html', c=Common(), users=users_to_show)
def edit_user(user_id=-1): with client.context(): me = auth.user() if not me: return redirect('/') if user_id == -1: user = me else: user = User.get_by_id(user_id) if not user: return error('Unrecognized user ID %d' % user_id) if not permissions.CanViewUser(user, me): return error('You\'re not authorized to view this user.') if request.method == 'GET': return render_template( 'edit_user.html', c=Common(), user=user, all_roles=Roles.AllRoles(), editing_location_enabled=permissions.CanEditLocation(user, me), can_view_roles=permissions.CanViewRoles(user, me), editable_roles=permissions.EditableRoles(user, me), successful=request.args.get('successful', 0)) city = request.form['city'] state_id = request.form['state'] if state_id == 'empty': state_id = '' if request.form['lat'] and request.form['lng']: lat = int(request.form['lat']) lng = int(request.form['lng']) else: lat = 0 lng = 0 template_dict = {} old_state_id = user.state.id() if user.state else '' changed_location = user.city != city or old_state_id != state_id user_modified = False if permissions.CanEditLocation(user, me) and changed_location: if city: user.city = city else: del user.city if state_id: user.state = ndb.Key(State, state_id) else: del user.state if user.wca_person and old_state_id != state_id: wca_person = user.wca_person.get() if wca_person: wca_person.state = user.state wca_person.put() RewriteRanks(wca_person) user.latitude = lat user.longitude = lng user_modified = True if changed_location: # Also save the Update. update = UserLocationUpdate() update.updater = me.key if city: update.city = city update.update_time = datetime.datetime.now() if state_id: update.state = ndb.Key(State, state_id) user.updates.append(update) elif changed_location: return error('You\'re not authorized to edit user locations.') for role in permissions.EditableRoles(user, me): if role in request.form and role not in user.roles: user.roles.append(role) user_modified = True elif role not in request.form and role in user.roles: user.roles.remove(role) user_modified = True if user_modified: user.put() return redirect(request.path + '?successful=1')
def CanEditLocation(user, editor): if not editor: return False if editor.HasAnyRole(Roles.AdminRoles()): return True return user == editor
def CanViewRoles(user, viewer): if not viewer: return False return (viewer.HasAnyRole(Roles.DelegateRoles()) or viewer.HasAnyRole(Roles.AdminRoles()))
def oauth_callback(): with client.context(): token = oauth.wca.authorize_access_token() resp = oauth.wca.get('me') resp.raise_for_status() wca_info = resp.json()['me'] session['wca_account_number'] = str(wca_info['id']) session.permanent = True user = User.get_by_id(str( wca_info['id'])) or User(id=str(wca_info['id'])) if 'wca_id' in wca_info and wca_info['wca_id']: user.wca_person = ndb.Key(Person, wca_info['wca_id']) # If the user has a state on their account, we should update this on the # Person and Ranks as well. if user.state: person = user.wca_person.get() if person: person.state = user.state person.put() for rank_class in (RankSingle, RankAverage): ndb.put_multi( rank_class.query( rank_class.person == person.key).fetch()) else: del user.wca_person if 'name' in wca_info: user.name = wca_info['name'] else: del user.name if 'email' in wca_info: user.email = wca_info['email'] else: del user.email user.roles = [ role for role in user.roles if role not in Roles.DelegateRoles() ] if 'delegate_status' in wca_info: if wca_info['delegate_status'] == 'senior_delegate': user.roles.append(Roles.SENIOR_DELEGATE) elif wca_info['delegate_status'] in ('delegate', 'candidate_delegate'): user.roles.append(Roles.DELEGATE) # For local development, make it easier to make a user a global admin. if os.environ.get('ADMIN_WCA_ID'): user.roles = [ role for role in user.roles if role != Roles.GLOBAL_ADMIN ] if wca_info['wca_id'] and wca_info['wca_id'] in os.environ.get( 'ADMIN_WCA_ID'): user.roles.append(Roles.GLOBAL_ADMIN) if wca_info['wca_id']: wca_id_user = User.get_by_id(wca_info['wca_id']) else: wca_id_user = None if wca_id_user: if wca_id_user.city and not user.city: user.city = wca_id_user.city if wca_id_user.state and not user.state: user.state = wca_id_user.state if wca_id_user.latitude and not user.latitude: user.latitude = wca_id_user.latitude if wca_id_user.longitude and not user.longitude: user.longitude = wca_id_user.longitude wca_id_user.key.delete() user.last_login = datetime.datetime.now() user.put() return redirect(session.pop('referrer', None) or '/')
def edit_users(): with client.context(): me = auth.user() if not me or not me.HasAnyRole(Roles.AdminRoles()): abort(403) return render_template('admin/edit_users.html', c=Common())