diff --git a/app.py b/app.py index 51e2088..b8d719f 100644 --- a/app.py +++ b/app.py @@ -16,10 +16,12 @@ import requests import sys from sanic.log import logger, logging, access_logger from metrics import * +from utils import isSessionAdmin from email_util import killSmptClient import pretixClient import traceback + app = Sanic(__name__) app.static("/res", "res/") @@ -156,7 +158,7 @@ async def welcome(request, order: Order, quota: Quotas): room_members.append(await app.ctx.om.get_order(code=member_id, cached=True)) tpl = app.ctx.tpl.get_template('welcome.html') - return html(tpl.render(order=order, quota=quota, room_members=room_members, pending_roommates=pending_roommates, ROOM_ERROR_MESSAGES=ROOM_ERROR_TYPES)) + return html(tpl.render(order=order, quota=quota, room_members=room_members, pending_roommates=pending_roommates, ROOM_ERROR_MESSAGES=ROOM_ERROR_TYPES, isSessionAdmin=await isSessionAdmin(request, order))) @app.route("/manage/download_ticket") diff --git a/karaoke.py b/karaoke.py index cf92500..be701cf 100644 --- a/karaoke.py +++ b/karaoke.py @@ -3,6 +3,7 @@ from sanic import Blueprint, exceptions, response from ext import * from urllib.parse import unquote from config import ADMINS +from utils import isSessionAdmin import json bp = Blueprint("karaoke", url_prefix="/manage/karaoke") @@ -10,7 +11,7 @@ bp = Blueprint("karaoke", url_prefix="/manage/karaoke") @bp.get("/admin") async def show_songs(request, order: Order): - if not order.isAdmin(): + if not await isSessionAdmin(request, order): raise exceptions.Forbidden("Birichino") orders = [x for x in request.app.ctx.om.cache.values() if x.karaoke_songs] @@ -28,7 +29,7 @@ async def show_songs(request, order: Order): @bp.post("/approve") async def approve_songs(request, order: Order): - if not order.isAdmin(): + if not await isSessionAdmin(request, order): raise exceptions.Forbidden("Birichino") for song in request.form: @@ -44,7 +45,7 @@ async def sing_song(request, order: Order, songname): if not order: raise exceptions.Forbidden("You have been logged out. Please access the link in your E-Mail to login again!") - if not order.isAdmin(): + if not await isSessionAdmin(request, order): raise exceptions.Forbidden("Birichino") songname = unquote(songname) diff --git a/propic.py b/propic.py index 3c4138a..d052054 100644 --- a/propic.py +++ b/propic.py @@ -6,6 +6,7 @@ from PIL import Image from io import BytesIO from hashlib import sha224 from time import time +from utils import isSessionAdmin import os bp = Blueprint("propic", url_prefix="/manage/propic") @@ -38,7 +39,7 @@ async def upload_propic(request, order: Order): if order.propic_locked: raise exceptions.BadRequest("You have been limited from further editing the propic.") - if request.form.get('submit') != 'Upload' and time() > PROPIC_DEADLINE: + if request.form.get('submit') != 'Upload' and (time() > PROPIC_DEADLINE and not await isSessionAdmin(request, order)): raise exceptions.BadRequest("The deadline has passed. You cannot modify the badges at this moment.") if request.form.get('submit') == 'Delete main image': diff --git a/stuff/testAsyncio.py b/stuff/testAsyncio.py new file mode 100644 index 0000000..01e0ec9 --- /dev/null +++ b/stuff/testAsyncio.py @@ -0,0 +1,11 @@ +# python merda +import asyncio + +async def a(): + print("a") + +def b(): + loop = asyncio.get_event_loop() + print(loop) + +b() \ No newline at end of file diff --git a/tpl/blocks/badge.html b/tpl/blocks/badge.html index a123d87..ceb6c6e 100644 --- a/tpl/blocks/badge.html +++ b/tpl/blocks/badge.html @@ -32,7 +32,7 @@ {% endif %} - {% if time() > PROPIC_DEADLINE %} + {% if time() > PROPIC_DEADLINE and not isSessionAdmin %}
⚠️ The deadline to upload pictures for the badge has expired. For last-minute changes, please contact the support over at info@furizon.net. If your badge has been printed already, changing it will incur in a 2€ fee. You can also get extra badges at the reception for the same price. If you upload a propic now, it might not be printed on time.
{% else %}
@@ -43,9 +43,9 @@
{% endif %}