Skip to content

Commit 1b06260

Browse files
devinmattedevinmatte
committed
Merge branch 'develop' of github.com:ComputerScienceHouse/packet into develop
2 parents aeb8f27 + 7d6d98f commit 1b06260

File tree

5 files changed

+33
-11
lines changed

5 files changed

+33
-11
lines changed

packet/__init__.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
import os
88

99
import csh_ldap
10-
import onesignal_sdk.client as onesignal
10+
import onesignal
1111
from flask import Flask
1212
from flask_gzip import Gzip
1313
from flask_migrate import Migrate
@@ -57,7 +57,7 @@
5757
app.config['ONESIGNAL_CSH_APP_ID']:
5858
csh_onesignal_client = onesignal.Client(
5959
user_auth_key=app.config['ONESIGNAL_USER_AUTH_KEY'],
60-
rest_api_key=app.config['ONESIGNAL_CSH_APP_AUTH_KEY'],
60+
app_auth_key=app.config['ONESIGNAL_CSH_APP_AUTH_KEY'],
6161
app_id=app.config['ONESIGNAL_CSH_APP_ID']
6262
)
6363
app.logger.info('CSH Onesignal configured and notifications enabled')
@@ -68,7 +68,7 @@
6868
app.config['ONESIGNAL_INTRO_APP_ID']:
6969
intro_onesignal_client = onesignal.Client(
7070
user_auth_key=app.config['ONESIGNAL_USER_AUTH_KEY'],
71-
rest_api_key=app.config['ONESIGNAL_INTRO_APP_AUTH_KEY'],
71+
app_auth_key=app.config['ONESIGNAL_INTRO_APP_AUTH_KEY'],
7272
app_id=app.config['ONESIGNAL_INTRO_APP_ID']
7373
)
7474
app.logger.info('Intro Onesignal configured and notifications enabled')

packet/notifications.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
from datetime import datetime
22
from typing import Any, Callable, TypeVar, cast
33

4-
import onesignal_sdk.client as onesignal
4+
import onesignal
55

66
from packet import app, intro_onesignal_client, csh_onesignal_client
77
from packet.models import NotificationSubscription, Packet

packet/routes/api.py

Lines changed: 25 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -96,10 +96,14 @@ def sync_ldap():
9696

9797
@app.route('/api/v1/packets/<username>', methods=['GET'])
9898
@packet_auth
99-
def get_packets_by_user(username: str) -> dict:
99+
@before_request
100+
def get_packets_by_user(username: str, info=None) -> dict:
100101
"""
101102
Return a dictionary of packets for a freshman by username, giving packet start and end date by packet id
102103
"""
104+
105+
if info['ritdn'] != username:
106+
return 'Forbidden - not your packet', 403
103107
frosh = Freshman.by_username(username)
104108

105109
return {packet.id: {
@@ -110,10 +114,15 @@ def get_packets_by_user(username: str) -> dict:
110114

111115
@app.route('/api/v1/packets/<username>/newest', methods=['GET'])
112116
@packet_auth
113-
def get_newest_packet_by_user(username: str) -> dict:
117+
@before_request
118+
def get_newest_packet_by_user(username: str, info=None) -> dict:
114119
"""
115120
Return a user's newest packet
116121
"""
122+
123+
if not info['is_upper'] and info['ritdn'] != username:
124+
return 'Forbidden - not your packet', 403
125+
117126
frosh = Freshman.by_username(username)
118127

119128
packet = frosh.packets[-1]
@@ -130,13 +139,17 @@ def get_newest_packet_by_user(username: str) -> dict:
130139

131140
@app.route('/api/v1/packet/<packet_id>', methods=['GET'])
132141
@packet_auth
133-
def get_packet_by_id(packet_id: int) -> dict:
142+
@before_request
143+
def get_packet_by_id(packet_id: int, info=None) -> dict:
134144
"""
135145
Return the scores of the packet in question
136146
"""
137147

138148
packet = Packet.by_id(packet_id)
139149

150+
if not info['is_upper'] and info['ritdn'] != packet.freshman.rit_username:
151+
return 'Forbidden - not your packet', 403
152+
140153
return {
141154
'required': vars(packet.signatures_required()),
142155
'received': vars(packet.signatures_received()),
@@ -198,13 +211,20 @@ def report(info):
198211

199212
@app.route('/api/v1/stats/packet/<packet_id>')
200213
@packet_auth
201-
def packet_stats(packet_id):
214+
@before_request
215+
def packet_stats(packet_id, info=None):
216+
if not info['is_upper'] and info['ritdn'] != Packet.by_id(packet_id).freshman.rit_username:
217+
return 'Forbidden - not your packet', 403
202218
return stats.packet_stats(packet_id)
203219

204220

205221
@app.route('/api/v1/stats/upperclassman/<uid>')
206222
@packet_auth
207-
def upperclassman_stats(uid):
223+
@before_request
224+
def upperclassman_stats(uid, info=None):
225+
if not info['is_upper']:
226+
return 'Forbidden', 403
227+
208228
return stats.upperclassman_stats(uid)
209229

210230

packet/templates/active_packets.html

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -112,5 +112,7 @@ <h4 class="page-title">Active Packets</h4>
112112

113113
{% block scripts %}
114114
{{ super() }}
115-
<script src="{{ url_for('static', filename='js/tables.min.js') }}"></script>
115+
{% if info.realm == "csh" %}
116+
<script src="{{ url_for('static', filename='js/tables.min.js') }}"></script>
117+
{% endif %}
116118
{% endblock %}

requirements.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ ddtrace
88
flask_sqlalchemy~=2.5.1
99
gunicorn~=20.0.4
1010
mypy
11-
onesignal-sdk~=2.0.0
11+
onesignal-sdk~=1.0.0
1212
psycopg2-binary~=2.8.6
1313
pylint-quotes~=0.2.1
1414
pylint~=2.7.2

0 commit comments

Comments
 (0)