def reservations():
if request.method == 'GET':
##temp disable reservations since users can still reserve time for current day even if in disbaled range
if current_app.config['ALLOW_RESERVATIONS'] != 'True':
flash("Reservations are currently unavailable and will resume for the Spring 2021 semester.",'warning')
return render_template('layout.html')
db = g.db_session()
temp = db.query(UserLocation).filter_by(sid=session['sid']).filter_by(location_id=2).one_or_none().get_missing_trainings(db)
if (9 in [each[0].id for each in temp]):
flash("You are not cleared to make reservations at this time. Please chcek the status of your safety trainings or contact Idea Shop staff for assistance.",'warning')
return render_template('layout.html')
user = db.query(User).filter_by(sid=session['sid']).one_or_none()
reservation_types = g.reservation_db.query(ReservationType).order_by(ReservationType.id.asc()).all()
db.close()
return render_template('reservations.html', reservation_types=reservation_types, user=user, openDate=datetime.date(2020, 9, 8), dateWindows=get_window())
if request.method == 'POST':
user = g.db_session().query(User).filter_by(sid=session['sid']).one_or_none()
start_time = datetime.datetime.strptime(request.form['start_time'],"%Y-%m-%d %X")
end_time = datetime.datetime.strptime(request.form['end_time'],"%Y-%m-%d %X")
db = g.reservation_db
reservation_type = db.query(ReservationType).filter_by(id=int(request.form['reservation_type'])).one_or_none()
parent = Reservations(type_id=reservation_type.id, start=start_time, end=end_time, sid=user.sid)
db.add(parent)
db.flush()
flash("Created %s reservation for %s, %s - %s" % (reservation_type.name, user.name, parent.start, parent.end),'success')
for each in [x for x in list(request.form.keys()) if 'user' in x and request.form[x] != '']:
response = confirmAllowed(request.form[each])
if response['valid'] is True:
db.add(Reservations(type_id=int(request.form['reservation_type']), start=start_time, end=end_time, sid=response['user'].sid, parent_id=parent.id))
db.flush()
flash("Created %s reservation for %s, %s - %s" % (reservation_type.name, response['user'].name, parent.start, parent.end),'success')
db.commit()
return redirect(url_for('reservations'))
def calendar_search_api():
""" Calendar events! """
g.parser.add_argument('filter', type=bounded_str, default='',
location='args')
g.parser.add_argument('view', type=view, location='args')
args = strict_parse_args(g.parser, request.args)
term_filter_string = '%{}%'.format(args['filter'])
term_filter = or_(
Calendar.name.like(term_filter_string),
Calendar.description.like(term_filter_string))
eager = subqueryload(Calendar.events)
if view == 'count':
query = g.db_session(func.count(Calendar.id))
elif view == 'ids':
query = g.db_session.query(Calendar.id)
else:
query = g.db_session.query(Calendar)
results = query.filter(Calendar.namespace_id == g.namespace.id,
term_filter).order_by(asc(Calendar.id))
if view == 'count':
return g.encoder.jsonify({"count": results.one()[0]})
results = results.limit(args['limit'])
if view != 'ids':
results = results.options(eager)
results = results.offset(args['offset']).all()
return g.encoder.jsonify(results)
def COVID():
if request.method == 'GET':
db = g.db_session()
#flash("Video safety training is not currently available. Please check back on September 14th, 2020.", 'warning')
#return render_template('layout.html')
return render_template(
'COVID_video.html',
youtube_id=current_app.config['COVID_YOUTUBE_ID'],
video_time_seconds=int(current_app.config['COVID_VIDEO_SECONDS']))
elif request.method == 'POST':
db = g.db_session()
print(request.form['sid'])
db.add(
Training(trainee_id=int(request.form['sid']),
trainer_id=20000000,
machine_id=9,
date=sa.func.now()))
db.commit()
flash(
"Thank you for participating in the Assembly Area Fall 2020 COVID training. Your verification quiz will be available on this site in one week. \
You can re-watch the video at any time by visiting https://wiki.ideashop.iit.edu/index.php?title=Safety_Training",
'success')
return render_template('layout.html')
def checkEmail():
db = g.db_session()
user = db.query(User).filter_by(email=request.args['email']).one_or_none()
if user:
userLocation = db.query(UserLocation).filter_by(sid=user.sid).filter_by(location_id=2).one_or_none()
if userLocation:
temp = userLocation.get_missing_trainings(db)
if (9 in [each[0].id for each in temp]):
return jsonify({'valid': False, 'reason': "User not cleared for reservations."})
else:
return jsonify({'valid': True, 'reason': "User cleared for reservations."})
else:
return jsonify({'valid': False, 'reason': "User not cleared for reservations."})
return jsonify({'valid': False, 'reason': "User does not exist."})
def login(): # AUTH
if request.method == 'GET':
if 'legacy' in request.args and bool(request.args['legacy']) is True:
return render_template('login.html', legacy=True)
else:
return render_template('login.html', legacy=False)
if request.method == 'POST':
db = g.db_session()
user = db.query(User).filter_by(sid=request.form['pin']).one_or_none()
if user:
if user.email != request.form['email']:
flash(
"Account Register with . Please contact Idea Shop staff for assistance.",
'danger')
return render_template('login.html', legacy=False)
session['sid'] = user.sid
session['email'] = user.email
user_level_list = db.query(
Type.level).outerjoin(UserLocation).filter(
UserLocation.sid == session['sid']).all()
if not user_level_list:
db.add(
UserLocation(sid=user.sid,
location_id=2,
type_id=0,
waiverSigned=None))
db.add(
UserLocation(sid=user.sid,
location_id=3,
type_id=0,
waiverSigned=None))
user_max_level = max([item for t in user_level_list for item in t])
if user_max_level > 0:
session['admin'] = user_max_level
else:
session['admin'] = None
return redirect(url_for('index'))
else:
user = db.query(User).filter_by(
email=request.form['email']).one_or_none()
if user:
flash(
"Email linked with an account. Please contact Idea Shop staff for assistance.",
'danger')
return render_template('login.html', legacy=False)
else:
flash("Please register before continuing.", 'warning')
return redirect(
url_for('register', email=request.form['email'], name=""))
def confirmAllowed(email):
db = g.db_session()
user = db.query(User).filter_by(email=email).one_or_none()
if user:
userLocation = db.query(UserLocation).filter_by(sid=user.sid).filter_by(location_id=2).one_or_none()
if userLocation :
temp = userLocation.get_missing_trainings(db)
if (9 in [each[0].id for each in temp]):
flash("User %s is not cleared for reservations." % email, 'danger')
return {'valid': False,'user': user}
else:
return {'valid': True, 'user': user}
else:
flash("User %s does not exist and cannot join reservations." % email, 'danger')
return {'valid': False, 'user': None}
def calendar_search_api():
""" Calendar events! """
g.parser.add_argument('filter',
type=bounded_str,
default='',
location='args')
g.parser.add_argument('view', type=view, location='args')
args = strict_parse_args(g.parser, request.args)
term_filter_string = '%{}%'.format(args['filter'])
term_filter = or_(Calendar.name.like(term_filter_string),
Calendar.description.like(term_filter_string))
eager = subqueryload(Calendar.events). \
subqueryload(Event.participants_by_email)
if view == 'count':
query = g.db_session(func.count(Calendar.id))
elif view == 'ids':
query = g.db_session.query(Calendar.id)
else:
query = g.db_session.query(Calendar)
results = query.filter(Calendar.namespace_id == g.namespace.id,
term_filter).order_by(asc(Calendar.id))
if view == 'count':
return g.encoder.jsonify({"count": results.one()[0]})
results = results.limit(args['limit'])
if view != 'ids':
results = results.options(eager)
results = results.offset(args['offset']).all()
return g.encoder.jsonify(results)
def get_dbsession():
if 'db_session' not in g:
engine = _get_engine()
g.db_session = sessionmaker(bind=engine)
return g.db_session()
def login_google(): # AUTH
if 'credentials' not in session:
return redirect('authorize')
# Load credentials from the session.
credentials = google.oauth2.credentials.Credentials(
**session['credentials'])
profile = googleapiclient.discovery.build(API_SERVICE_NAME,
API_VERSION,
credentials=credentials)
gSuite = profile.userinfo().get().execute()
# Save credentials back to session in case access token was refreshed.
# ACTION ITEM: In a production app, you likely want to save these
# credentials in a persistent database instead.
session['credentials'] = credentials_to_dict(credentials)
db = g.db_session()
user = db.query(User).filter_by(email=gSuite['email']).one_or_none()
if user:
session['sid'] = user.sid
session['email'] = user.email
user_level_list = db.query(Type.level).outerjoin(UserLocation).filter(
UserLocation.sid == session['sid']).all()
if not user_level_list:
db.add(UserLocation(sid=user.sid, location_id=2, type_id=2))
db.add(UserLocation(sid=user.sid, location_id=3, type_id=2))
db.commit()
user_level_list = db.query(
Type.level).outerjoin(UserLocation).filter(
UserLocation.sid == session['sid']).all()
elif not {2, 3}.issubset([
x for y in db.query(UserLocation.location_id).filter_by(
sid=user.sid).all() for x in y
]):
if 2 not in [
x for y in db.query(UserLocation.location_id).filter_by(
sid=user.sid).all() for x in y
]:
db.add(UserLocation(sid=user.sid, location_id=2, type_id=2))
elif 3 not in [
x for y in db.query(UserLocation.location_id).filter_by(
sid=user.sid).all() for x in y
]:
db.add(UserLocation(sid=user.sid, location_id=3, type_id=2))
db.commit()
user_level_list = db.query(
Type.level).outerjoin(UserLocation).filter(
UserLocation.sid == session['sid']).all()
if not user_level_list:
flash("Error with automatic UserLocation creation.", 'danger')
return redirect(url_for('index'))
user_max_level = max([item for t in user_level_list for item in t])
if user_max_level > 0:
session['admin'] = user_max_level
else:
session['admin'] = None
return redirect(url_for('index'))
else:
if 'iit.edu' in gSuite['email']:
flash("Please register before continuing.", 'warning')
return redirect(
url_for('register', email=gSuite['email'],
name=gSuite['name']))
else:
flash(
"User not found. Be sure to log in with your Illinois Tech Google Account. If you continue to encounter this error, please contact Idea Shop staff for assistance.",
'danger')
return render_template('login.html', legacy=False)
