示例#1
0
def handler(data: ParsedRequest) -> dict:
    action = data.action
    if action == "get-leaderboard":
        return generate_leaderboard()
    user_id = get_current_user()
    if action == "get-question":
        if not user_id:
            return get_question(0)  # by default
        else:
            user_data: UserTable = get_user_by_id(user_id)
            if not user_data:
                return {"error": "Deleted.."}
            return get_question(user_data.current_level)

    if action == "answer-question" or action == "answer":
        if not user_id:
            return {"error": "You are logged out"}, DENIED

        user_data: UserTable = get_user_by_id(user_id)
        if not user_data:
            return {"error": "Deleted"}
        if user_data.is_disqualified:
            return {"error": "Disqualified"}
        return answer_question(user_data.current_level,
                               data.json.get("answer"), user_data)
示例#2
0
def handler(data: ParsedRequest):
    action = data.action
    if action == "get-user-details":
        return get_user_details(data.args.get("id"), is_logged_in())
    if action == "add-user" or action == "create":
        return {"umm": "no"}
        # return add_user(data.json)
    if action == "authenticate":
        return authenticate(data.json)
    if action == "edit":
        return edit(data.json)
    if action == "forgot-password":
        return forgot_password(data.json)
    if action == "check-password-token":
        return check_password_token(data.json)
    if action == "verify-email":
        return send_verification_email(data.json)
    if action == "check-email-token":
        return check_email_token(data.json)
    if action == "user-count":
        return {"count": get_user_num()}
    if action == "check-auth":
        logged_in = is_logged_in()
        user_details = None
        if logged_in:
            user_details = get_user_by_id(get_current_user())
            if not user_details:
                return {"is_logged_in": False}
            user_details = user_details.as_json
        return {"is_logged_in": bool(logged_in), "user_data": user_details}
def handler(data: ParsedRequest) -> dict:
    action = data.action
    if action == "create-admin-account":
        return create_admin_account(data)
    curr = get_current_user()
    if not curr or is_not_admin(curr):
        return (
            {
                "error":
                "You do not have the permissions to access this content"
            },
            DENIED,
        )
    if action == "get-logs":
        return get_log_from_file_system()
    # if action == "clear-logs":
    #     clean_logs()
    #     return None
    if action == "merge-logs":
        merge_logs(data.json)
        return SUCCESS
    if action == "get-users":
        return get_all_users()
    if action == "get-questions":
        return get_all_questions()
    if action == "add-question":
        return add_question(data.json)
    if action == "get-latest-question-number":
        q = get_latest_q_level()
        qid = get_ques_by_id(q)
        return {
            "question_number": q,
            "question_data": qid.as_json if qid is not None else qid,
        }
    if action == "edit-question":
        return edit_question(data.json)
    if not data.json:
        return {"error": "Invalid"}
    # if action == "elevate-status":
    #     return convert_to_admin_account(data.json)
    user = get_user_by_id(data.json.get("user"))
    post_level_up_webhook(
        f"'{curr}' performed an admin action ({action} on {user.user})")
    if action == "__edit__":
        return admin_edit_user(user, data.json)
    if action == "delete-user":
        return delete_user(user)
    if action == "disqualify":
        return disqualify(user)
    if action == "requalify":
        return requalify(user)
示例#4
0
def get_user_details(idx: str,
                     get_authenticated_data: bool,
                     get_class_instance: bool = False) -> dict:
    data: UserTable = get_user_by_id(idx)
    if get_authenticated_data and get_class_instance:
        return data
    curr = get_current_user()
    is_admin = False
    if curr:
        is_admin = get_user_by_id(curr)
        is_admin = is_admin.is_admin if is_admin else False
    if data:
        ret = data.as_json
        if is_admin or (data.user == curr and get_authenticated_data):
            return ret
        else:
            ret.pop("secure_data")
            return ret
    return None
示例#5
0
def edit(js: dict) -> dict:
    if not is_logged_in():
        return {"error": "Not Authenticated"}
    user = js.get("user", "").strip()
    field = js.get("field", "").strip()
    if field not in ["email", "school", "ig_user_id"]:
        return {"error": "cannot edit specified field"}
    new_value = js.get("new_value", "").strip()
    if user != get_current_user():
        return {"error": "Invalid credentials"}
    invalid_data_arr = []
    if not user:
        invalid_data_arr.append("user")
    if not field:
        invalid_data_arr.append("column")
    if not new_value:
        invalid_data_arr.append("value")

    if invalid_data_arr:
        return {"error": f"Missing data: {', '.join(invalid_data_arr)}"}

    user_table = get_user_by_id(user)

    attr = getattr(user_table, field, sentinel)
    if attr == sentinel:
        return {"error": "Invalid field"}
    if attr == new_value:
        # prevent a useless write
        return {"user_data": user_table.as_json}
    try:
        setattr(user_table, field, new_value)
        if field == "email":
            if not validate_email_address(new_value):
                return {"error": "Invalid email"}
            user_table.has_verified_email = False
        save_to_db()
        return {"user_data": user_table.as_json}
    except:
        return {
            "error":
            "Could not update" if field != "email" else
            "Could not update email, maybe another account is using that address"
        }
示例#6
0
def handler(data: ParsedRequest):
    action = data.action
    ip = data.client_ip
    current = get_current_user()
    if action == "1":
        return {"success": "Ok"}
        js = data.json
        type_ = js.pop("type")
        user = current or None
        log = Logs(type_, user, ip, js_time(), js)
        add_to_db(log)
        return {"success": "Ok"}
    if action == "get":
        return {}
        if current is None:
            return {"error": "Not authenticated"}
        user = get_user_by_id(current)
        if user is None or not user.is_admin:
            return {"error": "Not authenticated"}
        ret = query_all(Logs)
        return map_to_list(lambda x: x.as_json, ret)