diff options
Diffstat (limited to 'app.py')
| -rw-r--r-- | app.py | 32 |
1 files changed, 31 insertions, 1 deletions
@@ -33,7 +33,6 @@ from litestar.datastructures import State import ics -# TODO admin remove attendees # use url_fors, timezones? # error handling, auth errors, sql errors, input validation @@ -181,6 +180,34 @@ async def edit(state: State, request: Request, iden: str, password: str, data: A return Redirect(path="/symposium/event/" + iden + "?password=" + event.password) @dataclass +class RemoveRequest: + name: str + +@post("/event/{iden:str}/remove") +async def remove(state: State, request: Request, iden: str, data: Annotated[RemoveRequest, Body(media_type=RequestEncodingType.URL_ENCODED)], password: str = "") -> Redirect: #-> Template: + async with sessionmaker(bind=state.engine) as session: + async with session.begin(): + query = select(Event).where(Event.iden == iden) + result = await session.execute(query) + event = result.scalar_one() + + manage = False + if password and hmac.compare_digest(event.password, password): + manage = True + if not manage: + raise ValueError("no auth") + + name = data.name + invites = json.loads(event.invites) + if name in invites: + invites.remove(name) + event.invites = json.dumps(invites) + url = "/symposium/event/" + iden + if password: + url += "?password=" + password + return Redirect(path=url) + +@dataclass class JoinRequest: name: str @@ -193,6 +220,8 @@ async def join(state: State, request: Request, iden: str, data: Annotated[JoinRe event = result.scalar_one() name = data.name invites = json.loads(event.invites) + if name in invites: + raise ValueError("already exists") invites.append(name) event.invites = json.dumps(invites) url = "/symposium/event/" + iden @@ -207,6 +236,7 @@ app = Litestar( calendar, create, edit, + remove, join, create_static_files_router(path='/static', directories=['static']), ], |