diff options
-rw-r--r-- | app.py | 32 | ||||
-rw-r--r-- | static/styles.css | 9 | ||||
-rw-r--r-- | templates/event.html | 14 |
3 files changed, 50 insertions, 5 deletions
@@ -33,7 +33,6 @@ from litestar.datastructures import State import ics -# TODO admin remove attendees # use url_fors, timezones? # error handling, auth errors, sql errors, input validation @@ -181,6 +180,34 @@ async def edit(state: State, request: Request, iden: str, password: str, data: A return Redirect(path="/symposium/event/" + iden + "?password=" + event.password) @dataclass +class RemoveRequest: + name: str + +@post("/event/{iden:str}/remove") +async def remove(state: State, request: Request, iden: str, data: Annotated[RemoveRequest, Body(media_type=RequestEncodingType.URL_ENCODED)], password: str = "") -> Redirect: #-> Template: + async with sessionmaker(bind=state.engine) as session: + async with session.begin(): + query = select(Event).where(Event.iden == iden) + result = await session.execute(query) + event = result.scalar_one() + + manage = False + if password and hmac.compare_digest(event.password, password): + manage = True + if not manage: + raise ValueError("no auth") + + name = data.name + invites = json.loads(event.invites) + if name in invites: + invites.remove(name) + event.invites = json.dumps(invites) + url = "/symposium/event/" + iden + if password: + url += "?password=" + password + return Redirect(path=url) + +@dataclass class JoinRequest: name: str @@ -193,6 +220,8 @@ async def join(state: State, request: Request, iden: str, data: Annotated[JoinRe event = result.scalar_one() name = data.name invites = json.loads(event.invites) + if name in invites: + raise ValueError("already exists") invites.append(name) event.invites = json.dumps(invites) url = "/symposium/event/" + iden @@ -207,6 +236,7 @@ app = Litestar( calendar, create, edit, + remove, join, create_static_files_router(path='/static', directories=['static']), ], diff --git a/static/styles.css b/static/styles.css index cce5d61..d0f3e5e 100644 --- a/static/styles.css +++ b/static/styles.css @@ -32,3 +32,12 @@ input { .when { width: fit-content; } + +.remove { + margin-left: 1.5em; + display: inline; +} + +.join-input { + width: 40%; +} diff --git a/templates/event.html b/templates/event.html index 687d696..925a707 100644 --- a/templates/event.html +++ b/templates/event.html @@ -34,8 +34,8 @@ <br> <hr> {% endif %} - <form method="POST" action="/symposium/event/{{ event.iden }}/edit?password={{event.password}}"> {% if manage %} + <form method="POST" action="/symposium/event/{{ event.iden }}/edit?password={{event.password}}"> <span class="q">Title:</span> <input name="title" type="text" value="{{ event.title }}"></input> {% else %} @@ -81,12 +81,18 @@ <button>Save changes</button> <br> <br> - {% endif %} </form> + {% endif %} <span class="q">Who?</span> <br> {% for name in event.get_invites() %} - — {{ name }} + — {{ name }} + {% if manage %} + <form class="remove" method="POST" action="/symposium/event/{{ event.iden }}/remove?password={{ event.password }}"> + <input type="hidden" name="name" value="{{ name }}"> + <button href="#">remove</button> + </form> + {% endif %} <br> {% endfor %} {% if manage %} @@ -94,7 +100,7 @@ {% else %} <form method="POST" action="/symposium/event/{{ event.iden }}/join" class="join-form"> {% endif %} - <input type="text" name="name"> + <input class="join-input" type="text" name="name"> <button type="submit">Add attendee</button> </form> </div> |