
from . import m_admin
import json
from datetime import datetime
from flask import render_template
from flask import Response
from flask import redirect
from flask import request
from flask import session
from app._tools.decorators import auth_required
from app._tools.decorators import admin_required
from app._tools.database import DataManager
from app._tools.database import SessionManager
from app._tools.database import ConfigManager
from app.config import _SUPER_ADMINS as SUPER
from app.config import _SALT as SALT
from app._tools import passhash
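@m_admin.app_template_filter("format_timestamp")
def format_timestamp(value):
    """Format a POSIX timestamp as ``DD.MM.YYYY HH:MM`` for use in templates.

    The value is interpreted in the server's local time zone, because
    ``datetime.fromtimestamp`` is called without a ``tz`` argument.

    Returns:
        The formatted string, or the literal ``"Invalid timestamp"`` when
        *value* cannot be converted.
    """
    try:
        moment = datetime.fromtimestamp(value)
        return moment.strftime("%d.%m.%Y %H:%M")
    except (TypeError, ValueError, OverflowError, OSError):
        # Only conversion failures map to the placeholder. A bare ``except:``
        # would also swallow KeyboardInterrupt and SystemExit, which must
        # propagate.
        return "Invalid timestamp"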
@m_admin.route('/')
@auth_required
@admin_required
def panel():
    """Render the admin dashboard: acting user, every user, and the current config."""
    current_session = SessionManager.get_session(session["token"])
    acting_user = DataManager.get_user(current_session.user_id)
    all_users = DataManager.get_all_users()
    # NOTE(review): the whole config object is handed to the template, and
    # edit_server_rx stores a 'secret' under config['server']. Confirm the
    # template does not render that value.
    context = {
        "user": acting_user,
        "users": all_users,
        "settings": ConfigManager.get_config(),
    }
    return render_template('admin/admin_main.html', **context)
@m_admin.route('/create')
@auth_required
@admin_required
def create():
    """Serve the form for creating a single account."""
    template_name = "admin/user_create.html"
    return render_template(template_name)
@m_admin.route('/create_many')
@auth_required
@admin_required
def create_manu():
    """Serve the form for creating several accounts at once."""
    template_name = "admin/user_create_many.html"
    return render_template(template_name)
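@m_admin.route('/account_created_many', methods=['POST'])
@auth_required
@admin_required
def create_many_proc():
    """Create several accounts from ';'-separated form fields.

    The form fields ``username``, ``password``, ``team_name`` and ``location``
    each carry one ';'-separated list; entry *i* of every list describes
    account *i*. The whole batch is validated before anything is written, so
    a rejected entry does not leave the earlier entries of the batch created.

    Returns:
        The rendered error page for the first invalid entry, or the plain
        string ``"Done"`` once every account has been added.
    """
    data = dict(request.form)
    usernames, passwords, teams, locations = (
        str(data.get(field, '')).split(';')
        for field in ('username', 'password', 'team_name', 'location')
    )

    # Lists of different lengths would otherwise raise IndexError part-way
    # through the batch, after some accounts had already been created.
    if not len(usernames) == len(passwords) == len(teams) == len(locations):
        return render_template(
            "error.html",
            error = "Количество логинов, паролей, групп и локаций должно совпадать!"
        )

    # The acting admin is the same for the whole request; resolve it once.
    user = DataManager.get_user(SessionManager.get_session(session["token"]).user_id)
    is_super = user.username in SUPER

    # Pass 1: validate every entry without writing anything.
    seen = set()
    for username, password, team in zip(usernames, passwords, teams):
        # ``seen`` catches a login repeated inside the same batch, which the
        # database lookup cannot see before anything has been written.
        if username in seen or DataManager.get_user_by_name(username) is not None:
            return render_template("error.html", error = "Пользователь с таким логином существует!")
        if len(password) < 4:
            return render_template("error.html", error = "Длина пароля должна превышать 3 символа!")
        # Only super-admins may place an account in the $root$ group.
        if team == "$root$" and not is_super:
            return render_template("error.html", error = "У вас нет прав на работу с группой $root$!")
        seen.add(username)

    # Pass 2: the batch is valid, create the accounts.
    # NOTE(review): every password is hashed with the same app-wide SALT;
    # confirm passhash.hashPassword also applies a per-user salt and a slow
    # KDF. Its implementation is not visible here.
    for username, password, team, location in zip(usernames, passwords, teams, locations):
        DataManager.add_user(
            username,
            team,
            location,
            passhash.hashPassword(password, SALT)
        )
    return "Done"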
@m_admin.route('/account_created', methods=['POST'])
@auth_required
@admin_required
def create_proc():
    """Create one account from the submitted form and show the confirmation page.

    Rejects an already-used login, a password shorter than 4 characters, and
    a request to create a ``$root$`` member by anyone not listed in SUPER.
    """
    form = dict(request.form)

    new_login = form['username']
    if DataManager.get_user_by_name(new_login) is not None:
        return render_template("error.html", error = "Пользователь с таким логином существует!")

    plain_password = form['password']
    if len(plain_password) < 4:
        return render_template("error.html", error = "Длина пароля должна превышать 3 символа!")

    acting_session = SessionManager.get_session(session["token"])
    acting_user = DataManager.get_user(acting_session.user_id)
    requested_team = form['team_name']
    # Only super-admins may place an account in the $root$ group.
    if requested_team == "$root$" and acting_user.username not in SUPER:
        return render_template("error.html", error = "У вас нет прав на работу с группой $root$!")

    # NOTE(review): the same app-wide SALT is passed for every user; confirm
    # passhash.hashPassword also applies a per-user salt and a slow KDF.
    DataManager.add_user(
        new_login,
        requested_team,
        form['location'],
        passhash.hashPassword(plain_password, SALT)
    )

    created = DataManager.get_user_by_name(new_login)
    # The plaintext password is rendered into the response once, as
    # ``password_onetime``.
    # NOTE(review): confirm this page is served with caching disabled.
    return render_template(
        "admin/user_created.html",
        cuser = created,
        password_onetime = plain_password
    )
@m_admin.route('/edit/<id>')
@auth_required
@admin_required
def edit_team(id : int):
    """Show the edit form for the user identified by *id*."""
    # The rule uses Flask's default (string) converter, so ``id`` arrives as
    # a str despite the ``int`` annotation. A GET to /edit/settings or
    # /edit/server-rx also matches this rule, with those words as ``id``.
    # NOTE(review): ``<int:id>`` would restrict the rule to numeric ids.
    target_user = DataManager.get_user(id)
    return render_template('admin/user_edit.html', edituser = target_user)
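@m_admin.route('/edit/settings', methods=['POST'])
@auth_required
@admin_required
def edit_settings():
    """Update the print watermark and the per-request limits from the form.

    ``pages-per-request`` must be an integer in 1..50 and
    ``seconds-per-request`` an integer in 5..60. Both are validated before
    the config object is modified, so a rejected request leaves it untouched.

    Returns:
        The rendered error page for an invalid limit, otherwise a redirect to
        ``/admin/``.
    """
    data = dict(request.form)

    # Form values are untrusted text: a missing or non-numeric limit is
    # reported with the matching range error instead of an unhandled exception.
    try:
        pages = int(data.get('pages-per-request', ''))
    except (TypeError, ValueError):
        pages = None
    if pages is None or not 1 <= pages <= 50:
        return render_template("error.html", error = "Лимит страниц должен быть в рамках от 1 до 50 страниц!")

    try:
        seconds = int(data.get('seconds-per-request', ''))
    except (TypeError, ValueError):
        seconds = None
    if seconds is None or not 5 <= seconds <= 60:
        return render_template("error.html", error = "Задержка между запросами должна быть от 5 до 60 секунд!")

    # Mutate the config only after validation has passed. If get_config()
    # returns a shared object, an early write would persist in memory even
    # when the request is rejected.
    cur_config = ConfigManager.get_config()
    if 'watermark' in data:
        # NOTE(review): the watermark text is stored as submitted; confirm
        # that whatever renders it treats it as plain text.
        cur_config['print']['watermark'] = data['watermark']
    cur_config['print']['limits']['pages-per-request'] = pages
    cur_config['print']['limits']['seconds-per-request'] = seconds
    ConfigManager.set_config(cur_config)
    return redirect("/admin/")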
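@m_admin.route('/edit/server-rx', methods=['POST'])
@auth_required
@admin_required
def edit_server_rx():
    """Store the server port, address and secret, then return them as a JSON download.

    The response is an ``application/json`` attachment named
    ``server-rx.json`` holding ``config['server']``. Its ``Refresh`` header
    sends the browser back to ``/admin`` after one second.

    Returns:
        The rendered error page when the port is missing, non-numeric or
        outside 1..65535, otherwise the JSON attachment response.
    """
    data = dict(request.form)

    # The port is untrusted text: a missing or non-numeric value is reported
    # with the range error instead of an unhandled exception.
    try:
        port = int(data.get('server-port', ''))
    except (TypeError, ValueError):
        port = None
    if port is None or not 1 <= port <= 65535:
        return render_template("error.html", error = "Порт в диапазоне от 1 до 65535!")

    # Read every field before touching the config, so a missing field cannot
    # leave the config object half-updated.
    # NOTE(review): the address and secret are stored as submitted, so an
    # empty secret is accepted. Confirm whether a minimum length or an
    # address format check is wanted.
    server_ip = str(data['server-ip'])
    server_secret = str(data['server-secret'])

    cur_config = ConfigManager.get_config()
    cur_config['server']['port'] = port
    cur_config['server']['ip'] = server_ip
    cur_config['server']['secret'] = server_secret
    ConfigManager.set_config(cur_config)

    payload = json.dumps(
        cur_config['server'],
        indent = 4
    )
    response = Response(payload, mimetype='application/json')
    response.headers['Content-Disposition'] = 'attachment; filename=server-rx.json'
    response.headers['Content-Type'] = 'application/json'
    response.headers['Refresh'] = '1; url=' + "/admin"
    # The body carries the server secret, so keep browsers and intermediate
    # caches from storing it.
    response.headers['Cache-Control'] = 'no-store'
    return response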
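@m_admin.route('/edit/proc/<id>', methods=['POST'])
@auth_required
@admin_required
def edit_proc(id : int):
    """Apply password, team and location changes to the user *id*.

    Only admins listed in SUPER may move a user into ``$root$`` or edit a
    user who is already in ``$root$``. An empty ``new_password`` means "keep
    the current password". A non-empty one shorter than 4 characters is
    rejected with the same message the create routes use, instead of being
    silently ignored while the admin believes the password was changed.

    Returns:
        The rendered error page on a permission or password failure,
        otherwise a redirect to ``/admin``.
    """
    data = dict(request.form)
    # NOTE(review): get_user's behaviour for an unknown id is not visible
    # here; if it returns None, the ``e_user.team`` access below raises.
    e_user = DataManager.get_user(id)
    user = DataManager.get_user(SessionManager.get_session(session["token"]).user_id)
    is_super = user.username in SUPER

    if data['team_name'] == "$root$" and not is_super:
        return render_template("error.html", error = "У вас нет прав на работу с группой $root$!")
    if e_user.team == "$root$" and not is_super:
        return render_template("error.html", error = "Вы не можете редактировать других Администраторов!")

    # Validate the password before any write, so a rejected request changes nothing.
    new_password = data['new_password']
    if new_password and len(new_password) < 4:
        return render_template("error.html", error = "Длина пароля должна превышать 3 символа!")

    if new_password:
        # NOTE(review): the same app-wide SALT is used for every user;
        # confirm passhash.hashPassword also applies a per-user salt.
        # NOTE(review): the user's existing sessions stay valid after this
        # change. SessionManager.remove_session_by_user (used by remove_team)
        # could revoke them if that is the intended policy.
        DataManager.edit_user(
            id,
            'passkey',
            passhash.hashPassword(new_password, SALT)
        )
    if e_user.team != data['team_name']:
        DataManager.edit_user(
            id,
            'team',
            data['team_name']
        )
    if e_user.loc != data['location']:
        DataManager.edit_user(
            id,
            'loc',
            data['location']
        )
    return redirect("/admin")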
@m_admin.route('/remove/<id>')
@auth_required
@admin_required
def remove_team(id : int):
    """Delete the user *id* together with their sessions; super-admins only."""
    # NOTE(review): the route declares no ``methods=``, so Flask serves this
    # state-changing delete on GET. Following a cross-site link while logged
    # in would trigger it. Moving it to POST with a CSRF token also needs a
    # change in the template that links here.
    acting_session = SessionManager.get_session(session["token"])
    acting_user = DataManager.get_user(acting_session.user_id)
    if acting_user.username in SUPER:
        # Revoke the target's sessions first, then remove the account.
        SessionManager.remove_session_by_user(id)
        DataManager.del_user(id)
        return redirect("/admin")
    return render_template("error.html", error = "Обратитесь к Супер-администратору. У вас нет прав на удаление пользователей!")