def renderAdmin():
username = request.args.get("username")
token = request.args.get("token")
if not authentication.checkToken(username, token) and authentication.getAccessStructure(username)["is_admin"]:
return render_template('admin.html')
else:
return ("Not authorized", 401)
def updateName():
id = int(request.args.get("id"))
name = request.args.get("newName")
username = request.args.get("username")
token = request.args.get("token")
request_validity = authentication.checkToken(username, token)
if request_validity == 0:
AC = authentication.getAccessStructure(username)
if not AC:
return ("Error when checking for access structure", 500)
else:
if not AC['can_edit_features']:
return ("User is not authorized to edit features", 401)
else:
if id and len(name) > 0:
result = database.changeName(id, name)
return ("success", 200)
return ("error", 500)
if result:
return ("success", 200)
else:
return ("error when changing name", 500)
elif request_validity == 1:
return("Invalid Token", 400)
elif request_validity == 2:
return("Invalid user", 400)
else:
return("Server error", 500)
def updateGWLocations():
username = request.args.get("username")
token = request.args.get("token")
request_validity = authentication.checkToken(username, token)
if request_validity == 0:
AC = authentication.getAccessStructure(username)
if not AC:
return ("Error when checking for access structure", 500)
else:
if not AC['can_edit_features']:
return ("User is not authorized to edit features", 401)
else:
newInfo = request.get_json()
newInfo_array = []
for k in newInfo:
newInfo_array.append(((k["l"]["lat"]), (k["l"]["lng"])))
result = database.updateGWLocations(newInfo_array)
database.generateGWJson()
if result:
return ("success", 200)
else:
return ("error when updating GW locations", 500)
elif request_validity == 1:
return("Invalid Token", 400)
elif request_validity == 2:
return("Invalid user", 400)
else:
return("Server error", 500)
def approvePermissions():
id = int(request.args.get("id"))
username = request.args.get("username")
token = request.args.get("token")
if not authentication.checkToken(username, token) and authentication.getAccessStructure(username)["is_admin"]:
authentication.approveUser(id)
else:
return ("Not authorized", 401)
return ("OK", 200)
def revokeUser():
uid = int(request.args.get("id"))
username = request.args.get("username")
token = request.args.get("token")
if not authentication.checkToken(username, token) and authentication.getAccessStructure(username)["is_admin"]:
if not authentication.revokeUserPrivileges(uid):
return ("OK", 200)
else:
return ("Server error", 500)
else:
return ("Not authorized", 401)
return ("Unknown error", 500)
def deleteUser():
uid = int(request.args.get("id"))
username = request.args.get("username")
token = request.args.get("token")
if not authentication.checkToken(username, token) and authentication.getAccessStructure(username)["is_admin"]:
result = authentication.deleteUser(uid)
if not result:
return ("OK", 200)
elif result == 2:
return("User not found", 400)
else:
return ("Server error", 500)
else:
return ("Not authorized", 401)
return ("Unknown error", 500)