app.py

@@ -16,12 +16,10 @@ import requests
 import sys
 from sanic.log import logger, logging, access_logger
 from metrics import *
-from utils import isSessionAdmin
 from email_util import killSmptClient
 import pretixClient
 import traceback
 
-
 app = Sanic(__name__)
 app.static("/res", "res/")
 
@@ -82,7 +80,6 @@ async def main_start(*_):
 	app.ctx.tpl = Environment(loader=FileSystemLoader("tpl"), autoescape=True)
 	app.ctx.tpl.globals.update(time=time)
 	app.ctx.tpl.globals.update(PROPIC_DEADLINE=PROPIC_DEADLINE)
-	app.ctx.tpl.globals.update(ROOM_DEADLINE=ROOM_DEADLINE)
 	app.ctx.tpl.globals.update(LOCALES=LOCALES)
 	app.ctx.tpl.globals.update(ITEMS_ID_MAP=ITEMS_ID_MAP)
 	app.ctx.tpl.globals.update(ITEM_VARIATIONS_MAP=ITEM_VARIATIONS_MAP)
@@ -159,7 +156,7 @@ async def welcome(request, order: Order, quota: Quotas):
 				room_members.append(await app.ctx.om.get_order(code=member_id, cached=True))
 
 	tpl = app.ctx.tpl.get_template('welcome.html')
-	return html(tpl.render(order=order, quota=quota, room_members=room_members, pending_roommates=pending_roommates, ROOM_ERROR_MESSAGES=ROOM_ERROR_TYPES, isSessionAdmin=await isSessionAdmin(request, order)))
+	return html(tpl.render(order=order, quota=quota, room_members=room_members, pending_roommates=pending_roommates, ROOM_ERROR_MESSAGES=ROOM_ERROR_TYPES))
 
 
 @app.route("/manage/download_ticket")

config.example.py

@@ -17,8 +17,6 @@ PROPIC_MAX_FILE_SIZE = 5 * 1024 * 1024 # 5MB
 PROPIC_MAX_SIZE = (2048, 2048) # (Width, Height)
 PROPIC_MIN_SIZE = (125, 125) # (Width, Height)
 
-ROOM_DEADLINE = 9999999999
-
 # This is used for feedback sending inside of the app. Feedbacks will be sent to the specified chat using the bot api id.
 TG_BOT_API = '123456789:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
 TG_CHAT_ID = -1234567

karaoke.py

@@ -3,7 +3,6 @@ from sanic import Blueprint, exceptions, response
 from ext import *
 from urllib.parse import unquote
 from config import ADMINS
-from utils import isSessionAdmin
 import json
 
 bp = Blueprint("karaoke", url_prefix="/manage/karaoke")
@@ -11,7 +10,7 @@ bp = Blueprint("karaoke", url_prefix="/manage/karaoke")
 @bp.get("/admin")
 async def show_songs(request, order: Order):
 
-	if not await isSessionAdmin(request, order):
+	if not order.isAdmin():
 		raise exceptions.Forbidden("Birichino")
 
 	orders = [x for x in request.app.ctx.om.cache.values() if x.karaoke_songs]
@@ -29,7 +28,7 @@ async def show_songs(request, order: Order):
 @bp.post("/approve")
 async def approve_songs(request, order: Order):
 
-	if not await isSessionAdmin(request, order):
+	if not order.isAdmin():
 		raise exceptions.Forbidden("Birichino")
 	
 	for song in request.form:
@@ -45,7 +44,7 @@ async def sing_song(request, order: Order, songname):
 	
 	if not order: raise exceptions.Forbidden("You have been logged out. Please access the link in your E-Mail to login again!")
 	
-	if not await isSessionAdmin(request, order):
+	if not order.isAdmin():
 		raise exceptions.Forbidden("Birichino")
 
 	songname = unquote(songname)

propic.py

@@ -6,7 +6,6 @@ from PIL import Image
 from io import BytesIO
 from hashlib import sha224
 from time import time
-from utils import isSessionAdmin
 import os
 
 bp = Blueprint("propic", url_prefix="/manage/propic")
@@ -39,7 +38,7 @@ async def upload_propic(request, order: Order):
 	if order.propic_locked:
 		raise exceptions.BadRequest("You have been limited from further editing the propic.")
 	
-	if request.form.get('submit') != 'Upload' and (time() > PROPIC_DEADLINE and not await isSessionAdmin(request, order)):
+	if request.form.get('submit') != 'Upload' and time() > PROPIC_DEADLINE:
 		raise exceptions.BadRequest("The deadline has passed. You cannot modify the badges at this moment.")
 		
 	if request.form.get('submit') == 'Delete main image':

room.py

@@ -6,18 +6,9 @@ from config import headers
 import os
 from image_util import generate_room_preview, get_room
 from utils import confirm_room_by_order
-from time import time
 
 bp = Blueprint("room", url_prefix="/manage/room")
 
-@bp.middleware
-async def deadline_check(request: Request):
-	order = await get_order(request)
-	if not order:
-		raise exceptions.Forbidden("You have been logged out. Please access the link in your E-Mail to login again!")
-	if time() > ROOM_DEADLINE and not await isSessionAdmin(request, order):
-		raise exceptions.BadRequest("The deadline has passed. You cannot modify the room at this moment.")
-
 @bp.post("/create")
 async def room_create_post(request, order: Order):
 	if not order: raise exceptions.Forbidden("You have been logged out. Please access the link in your E-Mail to login again!")
@@ -313,7 +304,7 @@ async def confirm_room(request, order: Order, quotas: Quotas):
 	#if quotas.get_left(len(order.room_members)) == 0:
 	#	raise exceptions.BadRequest("There are no more rooms of this size to reserve.")
 
-	await confirm_room_by_order(order, request)
+	confirm_room_by_order(order, request)
 
 	return redirect('/manage/welcome')
 

stuff/testAsyncio.py

@@ -1,11 +0,0 @@
-# python merda
-import asyncio
-
-async def a():
-	print("a")
-
-def b():
-	loop = asyncio.get_event_loop()
-	print(loop)
-
-b()

tpl/blocks/badge.html

@@ -32,7 +32,7 @@
 			{% endif %}
 		</div>
 		
-		{% if time() > PROPIC_DEADLINE and not isSessionAdmin %}
+		{% if time() > PROPIC_DEADLINE %}
 		<p class="notice">⚠️ The deadline to upload pictures for the badge has expired. For last-minute changes, please contact the support over at <a href="mailto:info@furizon.net">info@furizon.net</a>. If your badge has been printed already, changing it will incur in a 2€ fee. You can also get extra badges at the reception for the same price. If you upload a propic now, it might not be printed on time.</p>
 		{% else %}
 			<p><em>
@@ -43,9 +43,9 @@
 		{% endif %}
 		
 		<div class="grid grid_2x2">
-			<input style="grid-area: 1 / 1 / 2 / 3;" type="submit" name="submit" value="Upload" {{'disabled' if ((order.ans('propic') and order.ans('propic_fursuiter'))) or (time() > PROPIC_DEADLINE and not isSessionAdmin) else ''}} />
+			<input style="grid-area: 1 / 1 / 2 / 3;" type="submit" name="submit" value="Upload" {{'disabled' if (order.ans('propic') and order.ans('propic_fursuiter')) else ''}} />
-			<input style="grid-area: 2 / 1 / 3 / 2;" type="submit" name="submit" value="Delete main image" {{'disabled' if ((time() > PROPIC_DEADLINE and not isSessionAdmin) or not order.ans('propic'))  else ''}} />
+			<input style="grid-area: 2 / 1 / 3 / 2;" type="submit" name="submit" value="Delete main image" {{'disabled' if (time() > PROPIC_DEADLINE or not order.ans('propic'))  else ''}} />
-			<input style="grid-area: 2 / 2 / 3 / 3;" type="submit" name="submit" value="Delete fursuit image" {{'disabled' if ((time() > PROPIC_DEADLINE and not isSessionAdmin) or not order.ans('propic_fursuiter')) else ''}} />
+			<input style="grid-area: 2 / 2 / 3 / 3;" type="submit" name="submit" value="Delete fursuit image" {{'disabled' if (time() > PROPIC_DEADLINE or not order.ans('propic_fursuiter')) else ''}} />
 		</div>
 	</form>
 </details>

tpl/blocks/room.html

@@ -40,7 +40,7 @@
 					{% if person.status == 'pending' %}
 						<p><strong style="color:red;">UNPAID</strong></p>
 					{% endif %}
-					{% if order.room_owner and person.code != order.code and (not order.room_confirmed) and (time() <= ROOM_DEADLINE or isSessionAdmin) %}<a href="/manage/room/kick/{{person.code}}">KICK</a>{% endif %}
+					{% if order.room_owner and person.code != order.code and (not order.room_confirmed) %}<a href="/manage/room/kick/{{person.code}}">KICK</a>{% endif %}
 				</div>
 				
 				{% if person.status != 'paid' %}
@@ -51,7 +51,7 @@
 			{# {% if order.room_id == order.code and not order.room_confirmed and len(room_members) < 5%} #}
 			{% if order.room_id == order.code and not order.room_confirmed and len(room_members) < order.room_person_no %}
 				<div>
-					<a {% if time() <= ROOM_DEADLINE or isSessionAdmin %} href="javascript:document.getElementById('modal-roominvite').setAttribute('open', 'true');" {% else %} disabled {% endif %}>
+					<a href="javascript:document.getElementById('modal-roominvite').setAttribute('open', 'true');">
 						<div class="propic-container">
 							<img class="propic" src="/res/new.png" />
 							<h3>Invite</h3>
@@ -63,13 +63,13 @@
 		</div>
 	{% elif order.pending_room %}
 		<p>You have have asked to join the room of another member. Wait for them to confirm or reject your request.</p>
-		<a role="button" href="/manage/room/cancel_request" {{'disabled' if time() > ROOM_DEADLINE and not isSessionAdmin else ''}}>Cancel pending join request</a>
+		<a role="button" href="/manage/room/cancel_request">Cancel pending join request</a>
 	{% else %}
 		<p class="notice">🎲 If you don't join a room or create your one within the room deadline, we will randomly put you into a room with free spots.</p>
 		<p>To join a room, ask somebody to send you their room code.</p>
 		<p class="grid">
-			<a role="button" href="/manage/room/create" {{'disabled' if time() > ROOM_DEADLINE and not isSessionAdmin else ''}}>Create a room</a>
+			<a role="button" href="/manage/room/create">Create a room</a>
-			<a role="button" href="javascript:document.getElementById('modal-joinroom').setAttribute('open', 'true');" {{'disabled' if time() > ROOM_DEADLINE and not isSessionAdmin else ''}}>Join a room</a>
+			<a role="button" href="javascript:document.getElementById('modal-joinroom').setAttribute('open', 'true');">Join a room</a>
 		</p>
 	{% endif %}
 	
@@ -83,17 +83,17 @@
 		{% if order.room_owner %}
 			
 			{% if not order.room_confirmed %}
-				{# <a role="button" {{'disabled' if time() > ROOM_DEADLINE and not isSessionAdmin else ''}} {% if not room.forbidden and quota.get_left(len(room_members)) > 0 %}href="javascript:document.getElementById('modal-roomconfirm').setAttribute('open', 'true');"{% endif %}>Confirm <strong>{{[None,'single','double','triple','quadruple','quintuple'][len(room_members)]}}</strong> room</a> #}
+				{# <a role="button" {% if not room.forbidden and quota.get_left(len(room_members)) > 0 %}href="javascript:document.getElementById('modal-roomconfirm').setAttribute('open', 'true');"{% endif %}>Confirm <strong>{{[None,'single','double','triple','quadruple','quintuple'][len(room_members)]}}</strong> room</a> #}
 
-				<a style="grid-area: 1 / 1 / 2 / 2;" role="button" href="javascript:document.getElementById('modal-roomrename').setAttribute('open', 'true');" {{'disabled' if time() > ROOM_DEADLINE and not isSessionAdmin else ''}}>Rename room</a>
+				<a style="grid-area: 1 / 1 / 2 / 2;" role="button" href="javascript:document.getElementById('modal-roomrename').setAttribute('open', 'true');">Rename room</a>
-				<a style="grid-area: 1 / 2 / 2 / 3;" href="/manage/room/delete" role="button" {{'disabled' if (len(room_members) > 1) or (time() > ROOM_DEADLINE and not isSessionAdmin) else ''}} >Delete room</a>	
+				<a style="grid-area: 1 / 2 / 2 / 3;" href="/manage/room/delete" role="button" {{'disabled' if (len(room_members) > 1) else ''}} >Delete room</a>	
-				<a style="grid-area: 2 / 1 / 3 / 3; display:block;" role="button" {{'disabled' if time() > ROOM_DEADLINE and not isSessionAdmin else ''}} {% if not room.forbidden and len(room_members) == order.room_person_no %}href="javascript:document.getElementById('modal-roomconfirm').setAttribute('open', 'true');"{% endif %}>Confirm <strong>{{[None,'single','double','triple','quadruple','quintuple'][order.room_person_no]}}</strong> room</a>
+				<a style="grid-area: 2 / 1 / 3 / 3; display:block;" role="button" {% if not room.forbidden and len(room_members) == order.room_person_no %}href="javascript:document.getElementById('modal-roomconfirm').setAttribute('open', 'true');"{% endif %}>Confirm <strong>{{[None,'single','double','triple','quadruple','quintuple'][order.room_person_no]}}</strong> room</a>
 			{% else %}
-				{# <a style="grid-area: 1 / 1 / 2 / 2;" role="button" {{'disabled' if time() > ROOM_DEADLINE and not isSessionAdmin else ''}} href="javascript:navigator.share({title: 'Furizon room', text:'Viewing room {{order.room_name}}', url: `${window.location.protocol}//${window.location.host}/manage/room/view/{{order.code}}}`});">Share</a> #}
+				{# <a style="grid-area: 1 / 1 / 2 / 2;" role="button" href="javascript:navigator.share({title: 'Furizon room', text:'Viewing room {{order.room_name}}', url: `${window.location.protocol}//${window.location.host}/manage/room/view/{{order.code}}}`});">Share</a> #}
 			{% endif %}
 		{% else %}
 			{% if order.room_id and not order.room_confirmed %}
-				<a href="/manage/room/leave" role="button" {{'disabled' if time() > ROOM_DEADLINE and not isSessionAdmin else ''}}>Leave room</a>	
+				<a href="/manage/room/leave" role="button">Leave room</a>	
 			{% endif %}
 		{% endif %}	
 	</p>
@@ -111,8 +111,8 @@
 						<td><strong style="color:red;">UNPAID</strong></td>
 					{% endif %}
 					{% if order.room_owner %}
-						<td style="width:1%;white-space: nowrap;"><a role="button" href="/manage/room/approve/{{person.code}}" {{'disabled' if time() > ROOM_DEADLINE and not isSessionAdmin else ''}}>Approve</a></td>
+						<td style="width:1%;white-space: nowrap;"><a role="button" href="/manage/room/approve/{{person.code}}">Approve</a></td>
-						<td style="width:1%;white-space: nowrap;"><a role="button" href="/manage/room/reject/{{person.code}}" {{'disabled' if time() > ROOM_DEADLINE and not isSessionAdmin else ''}}>Reject</a></td>
+						<td style="width:1%;white-space: nowrap;"><a role="button" href="/manage/room/reject/{{person.code}}">Reject</a></td>
 					{% endif %}
 				</tr>
 			</div>

utils.py

@@ -288,19 +288,6 @@ async def validate_rooms(request, rooms, om):
 		logger.info(f"[ROOM VALIDATION] Sent {sent_count} emails")
 		
 
-# Returns true if the logged used is an admin OR if it's an admin logged as another user
-async def isSessionAdmin(request, order):
-	if(order.isAdmin()): return True
-
-	orgCode = request.cookies.get("foxo_code_ORG")
-	orgSecret = request.cookies.get("foxo_secret_ORG")
-	if orgCode != None and orgSecret != None:
-
-		user = await request.app.ctx.om.get_order(code=orgCode)
-		if(user == None): return False
-		if(user.secret != orgSecret): raise exceptions.Forbidden("Birichino :)")
-		return user.isAdmin()
-
 async def check_room(request, order, om=None):
 	room_errors = []
 	room_members = []