Commit be8ae7e0 authored by Robert Czechowski's avatar Robert Czechowski
Browse files

Add routes for CSV upload, show upload page

parent 1cfe52bf
...@@ -553,6 +553,28 @@ pub fn add_group<T: MedalConnection>(conn: &T, session_token: &str, csrf_token: ...@@ -553,6 +553,28 @@ pub fn add_group<T: MedalConnection>(conn: &T, session_token: &str, csrf_token:
Ok(group.id.unwrap()) Ok(group.id.unwrap())
} }
pub fn group_csv<T: MedalConnection>(conn: &T, session_token: &str) -> MedalValueResult {
let session = conn.get_session_or_new(&session_token).ensure_logged_in().ok_or(MedalError::NotLoggedIn)?;
let mut data = json_val::Map::new();
data.insert("csrf_token".to_string(), to_json(&session.csrf_token));
Ok(("groupcsv".to_string(), data))
}
pub fn upload_groups<T: MedalConnection>(conn: &T, session_token: &str, csrf_token: &str, group_data: &str) -> MedalResult<()> {
let session = conn.get_session(&session_token)
.ok_or(MedalError::AccessDenied)?
.ensure_logged_in()
.ok_or(MedalError::AccessDenied)?;
if session.csrf_token != csrf_token {
return Err(MedalError::CsrfCheckFailed);
}
Ok(())
}
#[allow(dead_code)] #[allow(dead_code)]
pub fn show_groups_results<T: MedalConnection>(conn: &T, contest_id: i32, session_token: &str) -> MedalValueResult { pub fn show_groups_results<T: MedalConnection>(conn: &T, contest_id: i32, session_token: &str) -> MedalValueResult {
let session = conn.get_session_or_new(&session_token).ensure_logged_in().ok_or(MedalError::NotLoggedIn)?; let session = conn.get_session_or_new(&session_token).ensure_logged_in().ok_or(MedalError::NotLoggedIn)?;
......
...@@ -53,6 +53,18 @@ macro_rules! with_conn { ...@@ -53,6 +53,18 @@ macro_rules! with_conn {
}; };
} }
macro_rules! template_ok {
( $x:expr ) => {
{
let (template, data) = $x;
let mut resp = Response::new();
resp.set_mut(Template::new(&template, data)).set_mut(status::Ok);
Ok(resp)
}
};
}
struct ErrorReporter; struct ErrorReporter;
impl AfterMiddleware for ErrorReporter { impl AfterMiddleware for ErrorReporter {
fn catch(&self, _: &mut Request, err: IronError) -> IronResult<Response> { fn catch(&self, _: &mut Request, err: IronError) -> IronResult<Response> {
...@@ -519,6 +531,7 @@ fn group<C>(req: &mut Request) -> IronResult<Response> ...@@ -519,6 +531,7 @@ fn group<C>(req: &mut Request) -> IronResult<Response>
Ok(resp) Ok(resp)
} }
//TODO: Secure with CSRF-Token?
fn group_post<C>(req: &mut Request) -> IronResult<Response> fn group_post<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static { where C: MedalConnection + std::marker::Send + 'static {
let group_id = req.expect_int::<i32>("groupid")?; let group_id = req.expect_int::<i32>("groupid")?;
...@@ -526,7 +539,7 @@ fn group_post<C>(req: &mut Request) -> IronResult<Response> ...@@ -526,7 +539,7 @@ fn group_post<C>(req: &mut Request) -> IronResult<Response>
//TODO: use result? //TODO: use result?
with_conn![core::modify_group, C, req, group_id, &session_token].aug(req)?; with_conn![core::modify_group, C, req, group_id, &session_token].aug(req)?;
Ok(Response::with((status::Found, Redirect(url_for!(req, "group", "groupid" => format!("{}",group_id)))))) Ok(Response::with((status::Found, Redirect(url_for!(req, "group", "groupid" => format!("{}",group_id))))))
} }
...@@ -546,6 +559,30 @@ fn new_group<C>(req: &mut Request) -> IronResult<Response> ...@@ -546,6 +559,30 @@ fn new_group<C>(req: &mut Request) -> IronResult<Response>
Ok(Response::with((status::Found, Redirect(url_for!(req, "group", "groupid" => format!("{}",group_id)))))) Ok(Response::with((status::Found, Redirect(url_for!(req, "group", "groupid" => format!("{}",group_id))))))
} }
fn group_csv<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
let session_token = req.require_session_token()?;
template_ok!(with_conn![core::group_csv, C, req, &session_token].aug(req)?)
}
fn group_csv_upload<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
let session_token = req.require_session_token()?;
let (csrf_token, group_data) = {
let formdata = iexpect!(req.get_ref::<UrlEncodedBody>().ok());
(iexpect!(formdata.get("csrf_token"))[0].to_owned(),
iexpect!(formdata.get("group_data"))[0].to_owned())
};
println!("{}",group_data);
let group_id = with_conn![core::upload_groups, C, req, &session_token, &csrf_token, &group_data].aug(req)?;
Ok(Response::with((status::Found, Redirect(url_for!(req, "groups")))))
}
fn profile<C>(req: &mut Request) -> IronResult<Response> fn profile<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static { where C: MedalConnection + std::marker::Send + 'static {
let session_token = req.require_session_token()?; let session_token = req.require_session_token()?;
...@@ -848,6 +885,8 @@ pub fn start_server<C>(conn: C, config: Config) -> iron::error::HttpResult<iron: ...@@ -848,6 +885,8 @@ pub fn start_server<C>(conn: C, config: Config) -> iron::error::HttpResult<iron:
groups: post "/group/" => new_group::<C>, groups: post "/group/" => new_group::<C>,
group: get "/group/:groupid" => group::<C>, group: get "/group/:groupid" => group::<C>,
group_post: post "/group" => group_post::<C>, group_post: post "/group" => group_post::<C>,
groupcsv: get "/groupcsv" => group_csv::<C>,
groupcsv_post: post "/groupcsv" => group_csv_upload::<C>,
profile: get "/profile" => profile::<C>, profile: get "/profile" => profile::<C>,
profile_post: post "/profile" => profile_post::<C>, profile_post: post "/profile" => profile_post::<C>,
user: get "/user/:userid" => user::<C>, user: get "/user/:userid" => user::<C>,
......
<script src="/static/lib/papaparse/papaparse-5.0.2.js"></script> <script src="/static/lib/papaparse/papaparse-5.0.2.min.js"></script>
<script> <script>
...@@ -93,6 +93,10 @@ function clear(i) { ...@@ -93,6 +93,10 @@ function clear(i) {
document.getElementById("result").style.display = "none"; document.getElementById("result").style.display = "none";
} }
function copy_data() {
document.getElementById("send_data").value = JSON.stringify(senddata);
}
</script> </script>
<style> <style>
...@@ -111,9 +115,9 @@ table, th, td { ...@@ -111,9 +115,9 @@ table, th, td {
} }
td, th { td, th {
padding: 4px; padding: 4px;
border-left:0px; border-left:0px;
border-right:0px; border-right:0px;
} }
</style> </style>
...@@ -124,7 +128,11 @@ border-right:0px; ...@@ -124,7 +128,11 @@ border-right:0px;
<div id="result" style="display:none; width:800px; margin: 10px auto;"> <div id="result" style="display:none; width:800px; margin: 10px auto;">
<div style="float:left;margin:40px;width:300px;"> <div style="float:left;margin:40px;width:300px;">
<button style="margin:40px;">Gruppen erstellen</button><br> <form action="/groupcsv" method="post" onsubmit="copy_data();">
<input type="hidden" name="group_data" id="send_data">
<input type="hidden" name="csrf_token" value="{{ csrf_token }}">
<input type="submit" style="margin:40px;" value="Gruppen erstellen"></input><br>
</form>
<p>Bitte prüfen Sie vorher, dass alle Daten korrekt sind und Umlaute richtig dargestellt werden. Löschen Sie eventuell vorhandene Kopfzeilen. Kein Name darf länger als 100 Zeichen lang sein.</p> <p>Bitte prüfen Sie vorher, dass alle Daten korrekt sind und Umlaute richtig dargestellt werden. Löschen Sie eventuell vorhandene Kopfzeilen. Kein Name darf länger als 100 Zeichen lang sein.</p>
</div> </div>
<a href="javascript:clear();"><button>Alle Löschen</button></a><br/> <a href="javascript:clear();"><button>Alle Löschen</button></a><br/>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment