def getRegradeRequests():
    """Return the current course's regrade requests as a JSON list.

    Callers that fail the ``is_staff`` check receive ``dict(success=False)``.
    Staff granted ``access_all_regrades`` see every request for the course;
    other staff only see rows whose ``assigned_to`` equals their own email.
    """
    if not is_staff(get_course()):
        return dict(success=False)

    columns = ("email", "assignment", "backup_id", "description", "status")
    with connect_db() as db:
        # NOTE: when DEV is set the permission lookup is skipped entirely, so
        # every staff member sees all requests. DEV must never be on in prod.
        sees_everything = DEV or can_user(
            course=get_course(),
            email=get_user()["email"],
            action="access_all_regrades",
        )
        if sees_everything:
            sql = "SELECT email, assignment, backup_id, description, status FROM regrade_requests WHERE courseCode=%s"
            params = [get_course()]
        else:
            sql = "SELECT email, assignment, backup_id, description, status FROM regrade_requests WHERE courseCode=%s AND assigned_to=%s"
            params = [get_course(), get_user()["email"]]
        # Values are bound as parameters, never formatted into the SQL text.
        rows = db(sql, params)
        data = [dict(zip(columns, row)) for row in rows]
    return jsonify(data)
def delete_secret(app_name, secret_name):
    """Delete the secret ``secret_name`` of ``app_name``, then show the index.

    Callers that do not pass ``is_admin`` for "cs61a" are handed to
    ``login()`` and nothing is deleted.
    """
    requester = get_user()["email"]
    if not is_admin(requester, "cs61a"):
        return login()

    # NOTE(review): this handler changes state; the route's allowed HTTP
    # methods and any CSRF protection are not visible here -- confirm both.
    with connect_db() as db:
        # Both identifiers are bound as query parameters.
        db(
            "DELETE FROM secrets WHERE app=%s AND name=%s",
            [app_name, secret_name],
        )
    return redirect(url_for("index"))
def create_secret(service):
    """Return the latest log lines of ``service`` as a ``<pre>`` block.

    Access needs both the ``is_staff`` and the ``is_admin`` check for
    "cs61a"; a service name not returned by ``list_services()`` yields 404.
    Up to 100 entries are requested from ``gcloud logging read``.
    """
    if not is_staff("cs61a"):
        return login()
    email = get_user()["email"]
    if not is_admin(course="cs61a", email=email):
        abort(401)
    # The allow-list check runs before ``service`` is placed in the log
    # filter below, so only known service names reach the gcloud call.
    if service not in list_services():
        abort(404)

    raw = sh(
        "gcloud",
        "logging",
        "read",
        f"projects/cs61a-140900/logs/run.googleapis.com AND resource.labels.service_name={service}",
        "--limit",
        "100",
        "--format",
        "json",
        capture_output=True,
    )
    # Log payloads are escaped before being embedded in the HTML response.
    lines = [
        entry["timestamp"] + " " + escape(entry["textPayload"])
        for entry in loads(raw)
        if "textPayload" in entry
    ]
    lines.reverse()
    return "<pre>" + "\n".join(map(str, lines)) + "</pre>"
def index():
    """Render the deployment dashboard with one form per deployable app.

    Requires the ``is_staff`` check (otherwise ``login()``) and the
    ``is_admin`` check (otherwise 401) for "cs61a". Production apps are the
    ``services`` rows with ``pr_number=0``; PR builds are the rows with
    ``pr_number>0``, newest PR first.
    """
    if not is_staff("cs61a"):
        return login()
    email = get_user()["email"]
    if not is_admin(course="cs61a", email=email):
        abort(401)
    with connect_db() as db:
        apps = db("SELECT app FROM services WHERE pr_number=0", []).fetchall()
        pr_apps = db(
            "SELECT app, pr_number FROM services WHERE pr_number>0 ORDER BY pr_number DESC",
            [],
        ).fetchall()
    # NOTE(review): ``app`` and ``pr_number`` are written into attribute
    # values without HTML escaping; this is only safe while the ``services``
    # table holds trusted names -- confirm how rows get inserted.
    # NOTE(review): the deploy_prod_app and trigger_build forms carry no
    # ``method`` attribute, so browsers submit them with GET; confirm those
    # endpoints have CSRF protection.
    return html(
        f""" This service manages the deployment of the 61A website and various apps. {"".join(f''' <form action="/deploy_prod_app"> <input type="submit" name="app" value="{app}" /> </form> ''' for [app] in apps)} {"".join(f''' <form action="/trigger_build"> <input type="hidden" name="app" value="{app}" /> <input type="hidden" name="pr_number" value="{pr_number}" /> <input type="submit" value="{app + "-pr" + str(pr_number)}" /> </form> ''' for [app, pr_number] in pr_apps)} <form action="/delete_unused_services" method="post"> <input type="submit" value="Delete unused services" /> </form> """
    )
def delete_unused_services_handler():
    """Run ``delete_unused_services()`` for an admin, then show the index.

    A caller failing either the ``is_staff`` or the ``is_admin`` check for
    "cs61a" is handed to ``login()`` and nothing is deleted.
    """
    # Short-circuiting keeps the original order: the admin lookup (and the
    # get_user() call feeding it) only happens once the staff check passed.
    if not is_staff("cs61a") or not is_admin(
        course="cs61a", email=get_user()["email"]
    ):
        return login()

    delete_unused_services()
    return redirect(url_for("index"))
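def index():
    """Render the sandbox IDE landing page for the logged-in user.

    Stores the index URL in the session under ``SK_RETURN_TO`` and passes
    the greeting, the user's sandbox username and the result of the
    ``is_software_ta`` check to ``gen_index_html``.
    """
    # Function-scope import: the file's own import block is not visible here.
    from html import escape

    username = get_username()
    first_name = get_user()["name"].split()[0]
    out = "<h1>61A Sandbox IDE</h1>\n"
    # The display name is a profile field and ends up in markup, so it is
    # escaped to make markup characters in it render as plain text.
    out += f"Hi {escape(first_name)}! Your IDE is "
    session[SK_RETURN_TO] = url_for("index")
    return gen_index_html(out, username, is_software_ta(get_user()["email"]))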
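def deploy_prod_app():
    """Start a production deploy of the app named in the ``app`` query arg.

    Requires the ``is_staff`` check (otherwise ``login()``) and the
    ``is_admin`` check (otherwise 401) for "cs61a". Returns an HTML
    confirmation page.
    """
    # Binds only ``escape``; the module-level ``html`` helper used below is
    # left untouched by this function-scope import.
    from html import escape

    if not is_staff("cs61a"):
        return login()
    email = get_user()["email"]
    if not is_admin(course="cs61a", email=email):
        abort(401)

    app = request.args["app"]
    # NOTE(review): ``app`` is not checked against the known services in this
    # block, and the deploy is started from query-string parameters; confirm
    # that deploy_prod_app_sync validates the name and that the route has
    # CSRF protection.
    deploy_prod_app_sync(target_app=app, noreply=True)
    # The request parameter is echoed into the page, so it must be escaped.
    return html(f"Deploying <code>{escape(app)}</code> from master!")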
def query():
    """Return grade data for the logged-in user as JSON.

    Staff without a ``target`` query arg receive the ``shortData`` of every
    student in the course. Staff with ``target`` receive that student's full
    record; everyone else receives their own record. Callers that are not
    logged in get ``retry: True``; any exception yields ``retry: False``.
    """
    try:
        if is_logged_in():
            user = get_user()
            email = user["email"]
            target = request.args.get("target", None)
            if is_staff(get_course()):
                if target:
                    # Only staff may substitute another email; for non-staff
                    # ``target`` is read but never used.
                    # NOTE(review): any staff member can read any student's
                    # record here; no per-student restriction is applied.
                    email = target
                else:
                    all_students = []
                    with connect_db() as db:
                        lookup = db(
                            "SELECT shortData FROM students WHERE courseCode=%s",
                            [get_course()],
                        ).fetchall()
                        for row in lookup:
                            parsed = json.loads(row[0])
                            all_students.append(parsed)
                    return jsonify({
                        "success": True,
                        "isStaff": True,
                        "allStudents": all_students,
                        "email": user["email"],
                        "name": user["name"],
                        "lastUpdated": last_updated(),
                    })
            with connect_db() as db:
                # fetchone() returns None when no row matches; the unpacking
                # then raises and the handler below reports a failure.
                [short_data, data] = db(
                    "SELECT shortData, data FROM students WHERE courseCode=%s AND email=%s",
                    [get_course(), email],
                ).fetchone()
                [header
                 ] = db("SELECT header FROM headers WHERE courseCode=%s",
                        [get_course()]).fetchone()
                short_data = json.loads(short_data)
                data = json.loads(data)
                header = json.loads(header)
                return jsonify({
                    "success": True,
                    "header": header,
                    "data": data,
                    "email": short_data["Email"],
                    "name": short_data["Name"],
                    "SID": short_data["SID"],
                    "lastUpdated": last_updated(),
                })
        else:
            return jsonify({"success": False, "retry": True})
    except Exception:
        # Every error is swallowed without logging, so database or auth
        # failures are indistinguishable from "no data" for an operator.
        pass
    return jsonify({"success": False, "retry": False})
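def sudo(username):
    """Render the sandbox IDE page of ``username`` for a software TA.

    Callers failing the ``is_software_ta`` check are redirected to the
    index. The return URL stored under ``SK_RETURN_TO`` points back to this
    view for the same ``username``.
    """
    # Function-scope import: the file's own import block is not visible here.
    from html import escape

    if not is_software_ta(get_user()["email"]):
        return redirect(url_for("index"))

    first_name = get_user()["name"].split()[0]
    out = "<h1>61A Sandbox IDE</h1>\n"
    # ``username`` is a caller-supplied argument and the name is a profile
    # field; both are escaped before they are placed in the markup.
    out += f"Hi {escape(first_name)}! {escape(username)}'s IDE is "
    session[SK_RETURN_TO] = url_for("sudo", username=username)
    return gen_index_html(out, username, True)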
def is_staff(course):
    """Return True when the current user counts as staff for ``course``.

    Without an ``access_token`` in the session or cookies the answer is
    False. If ``course_admins`` lists any email for the course, only those
    emails pass. Otherwise the user's participations decide: a role in
    ``AUTHORIZED_ROLES`` for the course's endpoint passes, and with
    ``course`` set to None any offering counts. Any exception results in
    False.
    """
    try:
        token = session.get("access_token") or request.cookies.get(
            "access_token")
        if not token:
            return False
        email = get_user()["email"]
        with connect_db() as db:
            if course:
                admins = db(
                    "SELECT email FROM course_admins WHERE course=(%s)",
                    [course]).fetchall()
                admins = set(x[0] for x in admins)
                if admins:
                    # An explicit admin list is authoritative: membership
                    # decides, and the role-based fallback is skipped.
                    if email in admins:
                        # Side effect of a successful check: the stored
                        # display name is refreshed for this email.
                        db(
                            "UPDATE course_admins SET name=(%s) WHERE email=(%s)",
                            [get_name(), email],
                        )
                        return True
                    else:
                        return False

        # otherwise, let anyone on staff access
        with connect_db() as db:
            if course is not None:
                # fetchone() returns None for an unknown course; unpacking
                # then raises and the handler below denies access.
                [endpoint
                 ] = db("SELECT endpoint FROM courses WHERE course=(%s)",
                        [course]).fetchone()
            else:
                endpoint = None
        for participation in get_user()["participations"]:
            if participation["role"] not in AUTHORIZED_ROLES:
                continue
            if participation["course"][
                    "offering"] != endpoint and endpoint is not None:
                continue
            return True
        return False
    except Exception as e:
        # fail safe!
        # Denies access on any error, so a backend failure cannot grant
        # staff rights; the error itself is only printed.
        print(e)
        return False
def get_staff_endpoints():
    """Yield the offering of each participation held in an authorized role.

    This is a generator: ``get_user()`` is only called once iteration
    starts. If anything raises, the error is printed and iteration ends.
    """
    try:
        profile = get_user()
        for participation in profile["participations"]:
            if participation["role"] in AUTHORIZED_ROLES:
                yield participation["course"]["offering"]
    except Exception as e:
        # fail safe!
        print(e)
        # Inside a generator this simply stops iteration; callers never
        # receive the False as a yielded value.
        return False
def index(): if not is_staff("cs61a"): return login() email = get_user()["email"] if not is_admin(course="cs61a", email=email): abort(401) service_list = "\n".join( f"<p /><a href={url_for('create_secret', service=service)}>{service}</a>" for service in list_services()) return f"""
def wrapped(*args, access_token=None, course="cs61a", **kwargs):
    """Call ``func`` only for an admin token or an admin staff session.

    ``access_token`` is consumed here and not forwarded; ``course`` is
    forwarded to ``func``. When authorization fails, or ``func`` raises
    ``PermissionError``, a caller that supplied a token gets
    ``PermissionError`` and any other caller is handed to ``login()``.
    """
    # Both checks are always evaluated, as in the original ordering.
    token_good = access_token and is_admin_token(
        access_token=access_token, course=course
    )
    cookie_good = is_staff(course=course) and is_admin(
        email=get_user()["email"], course=course
    )

    authorized = token_good or cookie_good
    if authorized:
        try:
            return func(*args, **kwargs, course=course)
        except PermissionError:
            # Fall through to the same denial path as an unauthorized call.
            pass

    if access_token:
        raise PermissionError
    return login()
def set_config():
    """Replace the stored config of the current course with the posted data.

    Requires the ``is_staff`` check and, unless ``DEV`` is set, the
    ``configure_howamidoing`` permission. Returns ``{"success": bool}``.
    """
    if not is_staff(get_course()):
        return jsonify({"success": False})

    # NOTE: DEV bypasses the fine-grained permission check entirely.
    if not DEV:
        may_configure = can_user(
            course=get_course(),
            email=get_user()["email"],
            action="configure_howamidoing",
        )
        if not may_configure:
            return jsonify({"success": False})

    payload = request.form.get("data")
    with connect_db() as db:
        # NOTE(review): delete-then-insert; whether connect_db() makes the
        # pair atomic is not visible here -- confirm, since a failure between
        # the two statements would leave the course without a config.
        db("DELETE FROM configs WHERE courseCode=%s", [get_course()])
        db("INSERT INTO configs VALUES (%s, %s)", [get_course(), payload])
    return jsonify({"success": True})
def set_grades_route():
    """Store posted grade data for the current course.

    Requires the ``is_staff`` check and, unless ``DEV`` is set, the
    ``configure_howamidoing`` permission. The write goes through
    ``set_grades`` inside a ``transaction_db()`` block.
    """
    if not is_staff(get_course()):
        return jsonify({"success": False})

    # NOTE: DEV bypasses the fine-grained permission check entirely.
    if not DEV:
        may_configure = can_user(
            course=get_course(),
            email=get_user()["email"],
            action="configure_howamidoing",
        )
        if not may_configure:
            return jsonify({"success": False})

    payload = request.form.get("data")
    with transaction_db() as db:
        set_grades(payload, get_course(), db)
    return jsonify({"success": True})
def login():
    """Create or refresh the local ``User`` row and log the user in.

    The stored name falls back to the email when the profile has no name.
    In the "prod" environment a user with no participation in the current
    endpoint is not logged in. ``is_staff`` is recomputed on every login.
    """
    user_data = get_user()
    user = User.query.filter_by(email=user_data["email"]).one_or_none()
    if user is None:
        # New accounts start without staff rights; the flag is set below
        # from the is_staff() check.
        user = User(email=user_data["email"],
                    name=user_data["name"],
                    is_staff=False)
        db.session.add(user)
    user.name = user_data["name"] or user_data["email"]
    for participation in user_data["participations"]:
        if participation["course"]["offering"] == get_endpoint():
            break
    else:
        # NOTE(review): read as a for/else (runs only when no participation
        # matched) -- confirm against the file's real indentation.
        # Returning here skips commit() and login_user().
        if getenv("ENV") == "prod":
            return
    user.is_staff = is_staff("cs61a" if dev else get_course())
    db.session.commit()
    login_user(user)
def view_course(course=None):
    """List the hosted apps of ``course`` for one of its admins.

    Without a ``course`` argument the value is read from the posted form and
    the caller is redirected to the canonical URL. Callers that are not
    logged in are handed to ``login()``; callers failing ``is_admin`` get 403.
    """
    if not course:
        course = request.form["course"]
        return redirect(url_for("canonical_view_course", course=course))

    if not is_logged_in():
        return login()
    # The admin check runs before the database is queried for this course.
    if not is_admin(get_user()["email"], course):
        abort(403)

    with connect_db() as db:
        apps = db(
            "SELECT domain, app, status FROM hosted_apps WHERE course=(%s)",
            [course],
        ).fetchall()

    title = format_coursecode(course)
    # NOTE(review): domain, app and status are rendered without HTML
    # escaping; confirm these columns can only hold trusted values.
    rows = "<p>".join(
        f"<code>{domain}</code> ({app}) - {status}"
        for domain, app, status in apps
    )
    return html(f""" <h2>Hosted Apps for {title}</h2> {rows} """)
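def index(path):
    """Serve ``path`` from the unreleased area of the website bucket to staff.

    A user enrolled as a student in the "cs61a" endpoint is redirected away
    first. Everyone else must pass the ``is_staff`` check or is handed to
    ``login()``.
    """
    try:
        info = get_user()
        for p in info["participations"]:
            if (p["course"]["offering"] == get_endpoint("cs61a")
                    and p["role"] == "student"):
                return redirect("https://www.youtube.com/watch?v=dQw4w9WgXcQ")
    except Exception:
        # Narrowed from a bare ``except:`` so that SystemExit and
        # KeyboardInterrupt are no longer swallowed here.
        pass  # don't let the rickroll crash anything else

    # The redirect above is cosmetic; this check is the actual access gate.
    if not is_staff("cs61a"):
        return login()
    bucket = get_bucket(
        {
            "cs61a": "website-base",
            "solutions2": "website-base",
            "solutions": "website-base",
        },
        "website-base",
    )
    # NOTE(review): ``path`` is forwarded unchanged; presumably serve_path
    # confines it to the "/unreleased/" prefix -- confirm.
    return serve_path(bucket, "/unreleased/", path)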
def trigger_build():
    """Start a build of the pull request named in the query string.

    Requires the ``is_staff`` check (otherwise ``login()``) and the
    ``is_admin`` check (otherwise 401) for "cs61a". A PR carrying the
    ``DO_NOT_BUILD`` label is refused with an explanatory page.
    """
    if not is_staff("cs61a"):
        return login()
    email = get_user()["email"]
    if not is_admin(course="cs61a", email=email):
        abort(401)

    # "app" is optional; a missing key means no specific target app.
    target = request.args.get("app")
    # int() guarantees that only a number is echoed into the pages below.
    pr_number = int(request.args["pr_number"])

    github = Github(get_secret(secret_name="GITHUB_ACCESS_TOKEN"))
    pull = github.get_repo(GITHUB_REPO).get_pull(pr_number)
    label_names = [label.name for label in pull.labels]
    if DO_NOT_BUILD in label_names:
        return html(
            f"PR <code>{pr_number}</code> has a DO NOT BUILD label on it, so it cannot be built. Remove this label to build the PR."
        )

    # NOTE(review): the build is started from query-string parameters;
    # confirm the route has CSRF protection.
    trigger_build_sync(pr_number=pr_number, target_app=target, noreply=True)
    return html(f"Building PR <code>{pr_number}</code>!")
def get_name():
    """Return the ``name`` field of the current user's profile."""
    profile = get_user()
    return profile["name"]
def get_username():
    """Return the sandbox username of the current user.

    In a production build this is the part of the email before the first
    "@" with dots replaced by dashes; otherwise it is ``DEFAULT_USER`` and
    the user profile is not consulted.
    """
    if not is_prod_build():
        return DEFAULT_USER
    local_part = get_user()["email"].split("@")[0]
    return local_part.replace(".", "-")
def is_berkeley():
    """Return True when the current user's email ends with "@berkeley.edu".

    The comparison is a case-sensitive suffix match on the ``email`` field.
    """
    address = get_user()["email"]
    return address.endswith("@berkeley.edu")
def wrapped(*args, **kwargs):
    """Call ``func`` only when both the staff and the admin check pass.

    Any other caller is handed to ``login()`` and ``func`` is not run.
    """
    # Short-circuiting means the admin lookup only runs for staff sessions.
    if not is_staff("cs61a") or not is_admin(email=get_user()["email"]):
        return login()
    return func(*args, **kwargs)
def get_username():
    """Return the sandbox username of the current user.

    In a production build this is the part of the email before the first
    "@"; otherwise it is ``DEFAULT_USER`` and the profile is not consulted.
    """
    if is_prod_build():
        local_part, *_ = get_user()["email"].split("@")
        return local_part
    return DEFAULT_USER
def index():
    """Record the current user's email in the session and close the window.

    The response is a fixed script with no user data interpolated into it.
    """
    profile = get_user()
    session["email"] = profile["email"]
    return "<script> window.close(); </script>"
def query():
    """Return grade data for the logged-in user as JSON.

    Staff without a ``target`` query arg receive a student list, limited to
    unassigned students and their own unless ``has_access_to_all_grades()``
    is true. A single record is returned when it is the caller's own, the
    caller is an admin, or the record's "TA" field is empty or the caller's
    email. Callers that are not logged in get ``retry: True``; a denied
    lookup or any exception yields ``retry: False``.
    """
    try:
        if is_logged_in():
            user = get_user()
            email = user["email"]
            target = request.args.get("target", None)
            # NOTE: with DEV set every logged-in user is treated as admin.
            admin = True if DEV else is_admin(course=get_course(),
                                              email=email)
            if is_staff(get_course()):
                if target:
                    # Only staff may substitute another email; for non-staff
                    # ``target`` is read but never used.
                    email = target
                else:
                    show_all_students = has_access_to_all_grades()
                    students = []
                    with connect_db() as db:
                        lookup = db(
                            "SELECT shortData FROM students WHERE courseCode=%s",
                            [get_course()],
                        ).fetchall()
                        for row in lookup:
                            parsed = json.loads(row[0])
                            # Without the export permission, staff only see
                            # students with no TA or assigned to themselves.
                            if show_all_students or parsed.get("TA", "") in (
                                    "",
                                    email,
                            ):
                                students.append(parsed)
                    return jsonify({
                        "success": True,
                        "isStaff": True,
                        "isAdmin": admin,
                        "canExportGrades": show_all_students,
                        "allStudents": students,
                        "email": user["email"],
                        "name": user["name"],
                        "lastUpdated": last_updated(),
                    })
            with connect_db() as db:
                # fetchone() returns None when no row matches; the unpacking
                # then raises and the handler below reports a failure.
                [short_data, data] = db(
                    "SELECT shortData, data FROM students WHERE courseCode=%s AND email=%s",
                    [get_course(), email],
                ).fetchone()
                [header
                 ] = db("SELECT header FROM headers WHERE courseCode=%s",
                        [get_course()]).fetchone()
                short_data = json.loads(short_data)
                # Authorization for the single-record path: the check uses
                # the authenticated email, not the requested ``target``.
                if not (email == user["email"] or admin or short_data.get(
                        "TA", "") in ("", user["email"])):
                    return jsonify({"success": False, "retry": False})
                data = json.loads(data)
                header = json.loads(header)
                return jsonify({
                    "success": True,
                    "header": header,
                    "data": data,
                    "email": short_data["Email"],
                    "name": short_data["Name"],
                    "SID": short_data["SID"],
                    "ta": short_data.get("TA", ""),
                    "lastUpdated": last_updated(),
                })
        else:
            return jsonify({"success": False, "retry": True})
    except Exception:
        # Every error is swallowed without logging, so database or auth
        # failures are indistinguishable from "no data" for an operator.
        pass
    return jsonify({"success": False, "retry": False})
def get_email():
    """Return the ``email`` field of the current user's profile."""
    profile = get_user()
    return profile["email"]
def has_access_to_all_grades():
    """Return whether the current user may see every student's grades.

    Always True when ``DEV`` is set; otherwise the result of the
    ``export_all_howamidoing_grades`` permission check for the current
    course and user.
    """
    # NOTE: DEV skips the permission lookup; it must stay off in production.
    if DEV:
        return True
    return can_user(
        course=get_course(),
        email=get_user()["email"],
        action="export_all_howamidoing_grades",
    )