Commit be8ae7e0 authored by Robert Czechowski's avatar Robert Czechowski
Browse files

Add routes for CSV upload, show upload page

parent 1cfe52bf
......@@ -553,6 +553,28 @@ pub fn add_group<T: MedalConnection>(conn: &T, session_token: &str, csrf_token:
Ok(group.id.unwrap())
}
pub fn group_csv<T: MedalConnection>(conn: &T, session_token: &str) -> MedalValueResult {
let session = conn.get_session_or_new(&session_token).ensure_logged_in().ok_or(MedalError::NotLoggedIn)?;
let mut data = json_val::Map::new();
data.insert("csrf_token".to_string(), to_json(&session.csrf_token));
Ok(("groupcsv".to_string(), data))
}
pub fn upload_groups<T: MedalConnection>(conn: &T, session_token: &str, csrf_token: &str, group_data: &str) -> MedalResult<()> {
let session = conn.get_session(&session_token)
.ok_or(MedalError::AccessDenied)?
.ensure_logged_in()
.ok_or(MedalError::AccessDenied)?;
if session.csrf_token != csrf_token {
return Err(MedalError::CsrfCheckFailed);
}
Ok(())
}
#[allow(dead_code)]
pub fn show_groups_results<T: MedalConnection>(conn: &T, contest_id: i32, session_token: &str) -> MedalValueResult {
let session = conn.get_session_or_new(&session_token).ensure_logged_in().ok_or(MedalError::NotLoggedIn)?;
......
......@@ -53,6 +53,18 @@ macro_rules! with_conn {
};
}
macro_rules! template_ok {
( $x:expr ) => {
{
let (template, data) = $x;
let mut resp = Response::new();
resp.set_mut(Template::new(&template, data)).set_mut(status::Ok);
Ok(resp)
}
};
}
struct ErrorReporter;
impl AfterMiddleware for ErrorReporter {
fn catch(&self, _: &mut Request, err: IronError) -> IronResult<Response> {
......@@ -519,6 +531,7 @@ fn group<C>(req: &mut Request) -> IronResult<Response>
Ok(resp)
}
//TODO: Secure with CSRF-Token?
fn group_post<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
let group_id = req.expect_int::<i32>("groupid")?;
......@@ -526,7 +539,7 @@ fn group_post<C>(req: &mut Request) -> IronResult<Response>
//TODO: use result?
with_conn![core::modify_group, C, req, group_id, &session_token].aug(req)?;
Ok(Response::with((status::Found, Redirect(url_for!(req, "group", "groupid" => format!("{}",group_id))))))
}
......@@ -546,6 +559,30 @@ fn new_group<C>(req: &mut Request) -> IronResult<Response>
Ok(Response::with((status::Found, Redirect(url_for!(req, "group", "groupid" => format!("{}",group_id))))))
}
fn group_csv<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
let session_token = req.require_session_token()?;
template_ok!(with_conn![core::group_csv, C, req, &session_token].aug(req)?)
}
fn group_csv_upload<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
let session_token = req.require_session_token()?;
let (csrf_token, group_data) = {
let formdata = iexpect!(req.get_ref::<UrlEncodedBody>().ok());
(iexpect!(formdata.get("csrf_token"))[0].to_owned(),
iexpect!(formdata.get("group_data"))[0].to_owned())
};
println!("{}",group_data);
let group_id = with_conn![core::upload_groups, C, req, &session_token, &csrf_token, &group_data].aug(req)?;
Ok(Response::with((status::Found, Redirect(url_for!(req, "groups")))))
}
fn profile<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
let session_token = req.require_session_token()?;
......@@ -848,6 +885,8 @@ pub fn start_server<C>(conn: C, config: Config) -> iron::error::HttpResult<iron:
groups: post "/group/" => new_group::<C>,
group: get "/group/:groupid" => group::<C>,
group_post: post "/group" => group_post::<C>,
groupcsv: get "/groupcsv" => group_csv::<C>,
groupcsv_post: post "/groupcsv" => group_csv_upload::<C>,
profile: get "/profile" => profile::<C>,
profile_post: post "/profile" => profile_post::<C>,
user: get "/user/:userid" => user::<C>,
......
<script src="/static/lib/papaparse/papaparse-5.0.2.js"></script>
<script src="/static/lib/papaparse/papaparse-5.0.2.min.js"></script>
<script>
......@@ -93,6 +93,10 @@ function clear(i) {
document.getElementById("result").style.display = "none";
}
function copy_data() {
document.getElementById("send_data").value = JSON.stringify(senddata);
}
</script>
<style>
......@@ -111,9 +115,9 @@ table, th, td {
}
td, th {
padding: 4px;
border-left:0px;
border-right:0px;
padding: 4px;
border-left:0px;
border-right:0px;
}
</style>
......@@ -124,7 +128,11 @@ border-right:0px;
<div id="result" style="display:none; width:800px; margin: 10px auto;">
<div style="float:left;margin:40px;width:300px;">
<button style="margin:40px;">Gruppen erstellen</button><br>
<form action="/groupcsv" method="post" onsubmit="copy_data();">
<input type="hidden" name="group_data" id="send_data">
<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
<input type="submit" style="margin:40px;" value="Gruppen erstellen"></input><br>
</form>
<p>Bitte prüfen Sie vorher, dass alle Daten korrekt sind und Umlaute richtig dargestellt werden. Löschen Sie eventuell vorhandene Kopfzeilen. Kein Name darf länger als 100 Zeichen lang sein.</p>
</div>
<a href="javascript:clear();"><button>Alle Löschen</button></a><br/>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment