Skip to content
Snippets Groups Projects
accounts.py 27.6 KiB
Newer Older
aebopp's avatar
aebopp committed
import hashlib
aebopp's avatar
aebopp committed
import uuid
aebopp's avatar
aebopp committed
import os
import flask
aebopp's avatar
aebopp committed
import shutil
import tempfile
aebopp's avatar
aebopp committed
from flask import render_template
from flask import flash
aebopp's avatar
aebopp committed
import servicePoints
APP = flask.Flask(__name__)

servicePoints.app.secret_key = b'''\xf4\xb2\x9f\x80\xb1\xef\x01\xc6\x10\xca
    \xdd\x84\xd4\xf3\x0c\x95\xad\xa6\xdc\xaf\xd3\xbeI\xf7'''

@servicePoints.app.route('/accounts/login/', methods=['GET', 'POST'])
def login():
    """Render login page."""
aebopp's avatar
aebopp committed
    if 'username' in flask.session:
        return flask.redirect(flask.url_for('index'))
    if flask.request.method == 'POST':
        cursor = servicePoints.model.get_db().cursor()
        pass_user = flask.request.form['password']
        password_1 = cursor.execute('SELECT password FROM users WHERE '
                                    'username =:who',
                                    {"who": flask.request.form['username']})
        password_3 = password_1.fetchall()
        if not password_3:
            msg = 'Incorrect login credentials'
        else:
            password_2 = password_3[0]['password']
            password_4 = password_2.split('$')
            algorithm = password_4[0]
            salt = password_4[1]
            p2word = password_4[2]
            hash_obj = hashlib.new(algorithm)
            password_salted = salt + pass_user
            hash_obj.update(password_salted.encode('utf-8'))
            password_hash = hash_obj.hexdigest()
            # if the password does not exist
            if p2word != password_hash:
                msg = 'Incorrect login credentials'
            else:
                flask.session['username'] = flask.request.form['username']
                return flask.redirect(flask.url_for('index'))
    return render_template('login.html', **context, msg=msg)
aebopp's avatar
aebopp committed

@servicePoints.app.route('/accounts/logout/')
def logout():
    """Render logout page."""
    flask.session.clear()
    return flask.redirect(flask.url_for('login'))


@servicePoints.app.route('/accounts/create/', methods=['GET', 'POST'])
def create():
    """Render create page."""
aebopp's avatar
aebopp committed
    # If a user is already logged in, redirect to /accounts/edit/
    if 'username' in flask.session:
        return flask.redirect(flask.url_for('index'))
    if flask.request.method == 'POST':
        cursor = servicePoints.model.get_db().cursor()
        name = str(flask.request.form['username'])
        
        to_add = (name,)
        cursor.execute('SELECT * FROM users WHERE username=?', to_add)

        # If the chosen name is already taken
        if cursor.fetchone() is not None or name == "pending":
            msg = 'Username is already taken.'
mrschnei's avatar
mrschnei committed

        if msg == '':
            flask.session['username'] = flask.request.form['username']
            flask.session['fullname'] = flask.request.form['fullname']
            flask.session['orgName'] = flask.request.form['orgName']
            flask.session['email'] = flask.request.form['email']
            flask.session['password'] = flask.request.form['password']

            pw = hash_pass(flask.session['password'])
            data = (flask.session['username'], flask.session['fullname'],
                    flask.session['email'], 'NONE',
                    pw, 0)
            cur.execute("INSERT INTO users(username, fullname, email, orgName, "
                        "password, hours) VALUES (?, ?, ?, ?, ?, ?)", data)
            if flask.session['orgName'] != 'NONE':
                pendingData = (flask.session['username'], flask.session['fullname'],
                               flask.session['email'], flask.session['orgName'], 0)
                cur.execute("INSERT INTO pendingOrgs(username, fullname, email, orgName, "
                            "hours) VALUES (?, ?, ?, ?, ?)", pendingData)

            return flask.redirect(flask.url_for('index'))
    cursor = servicePoints.model.get_db()

    cur = cursor.execute("SELECT * FROM orgs")
    orgs = cur.fetchall()
    context = {"orgs": orgs}
    return render_template('create.html', **context, msg=msg)

@servicePoints.app.route('/accounts/createOrg/', methods=['GET', 'POST'])
def createOrg():
    """Render createOrg page."""
    # If a user is already logged in, redirect to /accounts/edit/
    if 'username' in flask.session:
        return flask.redirect(flask.url_for('index'))
    if flask.request.method == 'POST':

        # If a user tries to create an account with an existing username in
        # the database, abort(409)
aebopp's avatar
aebopp committed
        cursor = servicePoints.model.get_db().cursor()
        name = str(flask.request.form['username'])
        orgName = str(flask.request.form['orgName'])
aebopp's avatar
aebopp committed

        to_add = (name,)
        to_addOrg = (orgName,)
aebopp's avatar
aebopp committed
        cursor.execute('SELECT * FROM users WHERE username=?', to_add)
        if cursor.fetchone() is not None or name == "pending":
            msg = 'Username is already taken.'

        cursor.execute('SELECT * FROM orgs WHERE orgName=?', to_addOrg)
        if cursor.fetchone() is not None or orgName == "NONE":
            msg = 'Organization name is already taken.'
        if msg == '':
            flask.session['username'] = flask.request.form['username']
            flask.session['fullname'] = flask.request.form['fullname']
            flask.session['orgName'] = flask.request.form['orgName']
            flask.session['email'] = flask.request.form['email']
            flask.session['password'] = flask.request.form['password']

            pw = hash_pass(flask.session['password'])
            data = (flask.session['username'], flask.session['fullname'],
                    flask.session['email'], flask.session['orgName'],
                    pw, 0)
            orgData = (flask.session['username'], flask.session['orgName'])
            cur = servicePoints.model.get_db()
            cur.execute("INSERT INTO orgs(username, orgName) VALUES (?, ?)", orgData)
            cur.execute("INSERT INTO users(username, fullname, email, orgName, "
                        "password, hours) VALUES (?, ?, ?, ?, ?, ?)", data)
aebopp's avatar
aebopp committed

            return flask.redirect(flask.url_for('index'))
aebopp's avatar
aebopp committed

    context = {}
    return render_template('createOrg.html', **context, msg=msg)
aebopp's avatar
aebopp committed

aebopp's avatar
aebopp committed
@servicePoints.app.route('/accounts/viewMemberPoints/', methods=['GET'])
def viewMemberPoints():
    if 'username' in flask.session:
        username = flask.session["username"]
        cursor = servicePoints.model.get_db()
        leaderCur = cursor.execute('SELECT orgName FROM orgs WHERE '
                    'username =:who',
                    {"who": username})
        results = leaderCur.fetchone()
        usersCur = cursor.execute('SELECT username, fullname, hours FROM users WHERE '
                    'orgName =:who',
                    {"who": results["orgName"]})
        hoursResults = usersCur.fetchall()
        context = {'org': results["orgName"], 'hours': hoursResults}
        return render_template('viewMemberPoints.html', **context)
    return flask.redirect(flask.url_for('login'))

@servicePoints.app.route('/accounts/viewRequests/', methods=['GET', 'POST'])
def viewRequests():
    if 'username' in flask.session:
        if flask.request.method == 'POST':
            if 'deny' in flask.request.form:
                post = flask.request.form["postid"]
                file = flask.request.form["filename"]
                servicePoints.model.get_db().execute('DELETE FROM requests WHERE postid =:one ', 
                {"one": post})
                os.remove(os.path.join(servicePoints.app.config["IMAGES_FOLDER"], file))
            if 'confirm' in flask.request.form:
                try:
                    numHours = int(flask.request.form["numHours"])
                except:
                    return flask.redirect(flask.url_for('hourError'))
                post = flask.request.form["postid"]
                user = flask.request.form["user"]
                file = flask.request.form["filename"]
                hours = servicePoints.model.get_db().execute('SELECT hours FROM users WHERE username =:one ', 
                {"one": user})
                dbHours = hours.fetchone()
                dbHours["hours"] += numHours
                servicePoints.model.get_db().execute('UPDATE users SET hours =:one WHERE username =:two ', 
                {"one": dbHours["hours"], "two": user})
                servicePoints.model.get_db().execute('DELETE FROM requests WHERE postid =:one ', 
                {"one": post})
                os.remove(os.path.join(servicePoints.app.config["IMAGES_FOLDER"], file))

        username = flask.session["username"]
        cursor = servicePoints.model.get_db()
        leaderCur = cursor.execute('SELECT postid, member, service, description, filename FROM requests WHERE '
                    'leader =:who',
                    {"who": username})
        results = leaderCur.fetchall()
        context = {'requests': results,'username': username, 'org': flask.session["orgName"], 'hours': flask.session["hours"]}
        return render_template('viewRequests.html', **context)
    return flask.redirect(flask.url_for('login'))
aebopp's avatar
aebopp committed
@servicePoints.app.route('/', methods=['GET', 'POST'])
def index():
    if 'username' in flask.session:
        username = flask.session["username"]
        cursor = servicePoints.model.get_db()
        studentOrgCur = cursor.execute('SELECT orgName, hours FROM users WHERE '
                            'username =:who',
                            {"who": username})
        results = studentOrgCur.fetchone()
        leaderCur = cursor.execute('SELECT orgName FROM orgs WHERE '
                    'username =:who',
                    {"who": username})
        tryfetch = leaderCur.fetchone()
        if tryfetch is None or tryfetch["orgName"] == "NONE":
            leader = 0
        else:
            leader = 1
        flask.session["leader"] = leader
        flask.session["hours"] = results["hours"]
        flask.session["orgName"] = results["orgName"]
        context = {'username': username, 'org': results["orgName"], 'hours': results["hours"], 
aebopp's avatar
aebopp committed
        return render_template('index.html', **context)
aebopp's avatar
aebopp committed
    return flask.redirect(flask.url_for('login'))

def hash_pass(password_in):
    """Hash passwords."""
    algorithm = 'sha512'
    salt = uuid.uuid4().hex
    hash_obj = hashlib.new(algorithm)
    password_salted = salt + password_in
    hash_obj.update(password_salted.encode('utf-8'))
    password_hash = hash_obj.hexdigest()
    password_db_string = "$".join([algorithm, salt, password_hash])
    return password_db_string
aebopp's avatar
aebopp committed

@servicePoints.app.route('/accounts/delete/', methods=['GET', 'POST'])
def delete():
    username = (flask.session['username'])
    to_add = (username,)
aebopp's avatar
aebopp committed

    if flask.session["leader"] == 1:
        leaderCur = cur.execute('SELECT orgName FROM orgs WHERE '
        'username =:who', {"who": username})
        results = leaderCur.fetchone()
        orgName = results["orgName"]
        cur.execute("DELETE from orgs WHERE orgName = ?", (orgName,))
        cur.execute("UPDATE users SET orgName = 'NONE' WHERE orgName = ?", (orgName,))
        cur.execute("UPDATE requests SET leader = 'pending' WHERE leader = ?", (username,))
    flask.session.clear()
    cur.execute('DELETE FROM users WHERE username=?', to_add)
    return flask.redirect(flask.url_for('login'))

@servicePoints.app.route('/accounts/deleteOrg/', methods=['GET', 'POST'])
def deleteOrg():
    username = flask.session["username"]
    cursor = servicePoints.model.get_db()
    leaderCur = cursor.execute('SELECT orgName FROM orgs WHERE '
        'username =:who',
        {"who": username})
    results = leaderCur.fetchone()
    orgName = results["orgName"]
    cursor.execute("DELETE from orgs WHERE orgName = ?", (orgName,))
    cursor.execute("UPDATE users SET orgName = 'NONE' WHERE orgName = ?", (orgName,))
    cursor.execute("UPDATE requests SET leader = 'pending' WHERE leader = ?",
                            (username,))
    return flask.redirect(flask.url_for('index'))
@servicePoints.app.route('/accounts/mask/')
def mask():
    username = flask.session["username"]
    cursor = servicePoints.model.get_db()
    studentOrgCur = cursor.execute('SELECT orgName, hours FROM users WHERE '
                            'username =:who',
                            {"who": username})
    results = studentOrgCur.fetchone()
    context = {'username': username, 'org': results["orgName"], 'hours': results["hours"]}
    return render_template('mask.html', **context)

@servicePoints.app.route('/accounts/blood/')
def blood():
    username = flask.session["username"]
    cursor = servicePoints.model.get_db()
    studentOrgCur = cursor.execute('SELECT orgName, hours FROM users WHERE '
                            'username =:who',
                            {"who": username})
    results = studentOrgCur.fetchone()

    bloodDrives = cursor.execute('SELECT name, description, link FROM posts WHERE '
                            'service =:who',
                            {"who": 'blood'})
    bloodDs = bloodDrives.fetchall()

    # Add database info to context
    context = {'username': username, 'org': results["orgName"], 'hours': results["hours"], 'bloodDs': bloodDs}

    return render_template('blood.html', **context)

@servicePoints.app.route('/accounts/food/')
def food():
    username = flask.session["username"]
    cursor = servicePoints.model.get_db()
    studentOrgCur = cursor.execute('SELECT orgName, hours FROM users WHERE '
                            'username =:who',
                            {"who": username})
    results = studentOrgCur.fetchone()

    foodDrives = cursor.execute('SELECT name, description, link FROM posts WHERE '
                            'service =:who',
                            {"who": 'food'})
    foodDs = foodDrives.fetchall()

    # Add database info to context
    context = {'username': username, 'org': results["orgName"], 'hours': results["hours"], 'foodDs': foodDs}
    return render_template('food.html', **context)

@servicePoints.app.route('/accounts/profile/', methods=['GET', 'POST'])
mrschnei's avatar
mrschnei committed
def profile():
aebopp's avatar
aebopp committed
        if 'orgName' in flask.request.form:
            orgName = str(flask.request.form['orgName'])
            username = str(flask.session['username'])
            cur = servicePoints.model.get_db()
            curOrg = cur.execute('SELECT orgName FROM users WHERE username = ?',
                                        (username,))
aebopp's avatar
aebopp committed
            org = curOrg.fetchone()
            curOrg = cur.execute('SELECT fullname, email, hours FROM users WHERE username = ?',
aebopp's avatar
aebopp committed
                                        (username,))  
            userInfo = curOrg.fetchone()          
            pendingData = (flask.session['username'], userInfo['fullname'],
                userInfo['email'], orgName, userInfo['hours'])
            cursor = cur.execute('SELECT * FROM pendingOrgs WHERE username =:who', {"who": username})
            tryfetch = cursor.fetchone()
            if tryfetch is not None:
                cur.execute("DELETE from pendingOrgs WHERE username = ?", (username,))
            cur.execute("INSERT INTO pendingOrgs(username, fullname, email, orgName, "
                    "hours) VALUES (?, ?, ?, ?, ?)", pendingData)
            if org == "NONE":
                cur.execute('DELETE from orgs WHERE username = ?',
                                            (username,))
            # Leave current org and do not join new one
aebopp's avatar
aebopp committed
        elif 'noOrg' in flask.request.form:
            username = str(flask.session['username'])
            cur = servicePoints.model.get_db()
            cursor = cur.execute('SELECT * FROM pendingOrgs WHERE username =:who', {"who": username})
            tryfetch = cursor.fetchone()
            if tryfetch is not None:
                cur.execute("DELETE from pendingOrgs WHERE username = ?", (username,))
            cur.execute("UPDATE users SET orgName = 'NONE' WHERE username = ?",
                                        (username,))
            cur.execute("UPDATE requests SET leader = 'pending' WHERE member = ?",
                                        (username,))
aebopp's avatar
aebopp committed
        elif 'fullname' in flask.request.form: 
            fullName = str(flask.request.form['fullname'])
            username = str(flask.session['username'])
            cur = servicePoints.model.get_db()
            cur.execute('UPDATE users SET fullname = ? WHERE username = ?',
                                        (fullName, username,))
aebopp's avatar
aebopp committed
        elif 'email' in flask.request.form: 
            email = str(flask.request.form['email'])
            username = str(flask.session['username'])
            cur = servicePoints.model.get_db()
            cur.execute('UPDATE users SET email = ? WHERE username = ?',
                                        (email, username,))                           

    cursor = servicePoints.model.get_db()
    cur = cursor.execute("SELECT * FROM orgs")
aebopp's avatar
aebopp committed
    username = flask.session['username']
    cur = cursor.execute("SELECT fullname, email, orgName, hours from users WHERE username = ?", (username,))
aebopp's avatar
aebopp committed
    user = cur.fetchone()
    studentOrgCur = cursor.execute('SELECT orgName, hours FROM users WHERE '
                            'username =:who',
                            {"who": username})
    results = studentOrgCur.fetchone()
    leaderCur = cursor.execute('SELECT orgName FROM orgs WHERE '
                    'username =:who',
                    {"who": username})
    tryfetch = leaderCur.fetchone()
    if tryfetch is None or tryfetch["orgName"] == "NONE":
        leader = 0
    else:
        leader = 1
aebopp's avatar
aebopp committed
    cur = cursor.execute('SELECT * FROM pendingOrgs WHERE username =:who', {"who": username})
    trypending = cur.fetchone()
    if trypending is None:
        pending = ''
aebopp's avatar
aebopp committed
    else:

    context = {"orgs": orgs, "fullname": user["fullname"], "email": user["email"], "username": username, "hours": results["hours"],
aebopp's avatar
aebopp committed
        "org": user["orgName"], "leader": leader, "pending": pending}
mrschnei's avatar
mrschnei committed
    return render_template('userProfile.html', **context)

aebopp's avatar
aebopp committed
@servicePoints.app.route('/images/<path:filename>', methods=['GET', 'POST'])
def images(filename):
    if "username" in flask.session:
        return flask.send_from_directory(servicePoints.app.config['IMAGES_FOLDER'], filename, as_attachment=True)
aebopp's avatar
aebopp committed
    return flask.redirect(flask.url_for('login'))
@servicePoints.app.route('/accounts/deleteTutor/', methods=['GET', 'POST'])
def deleteTutor():
    # Delete Tutor Account
    cur = servicePoints.model.get_db()
    cur.execute("DELETE from tutors WHERE username = ?", (flask.session['username'],))

    return flask.redirect(flask.url_for('tutorsu'))

@servicePoints.app.route('/accounts/updateTutor/', methods=['GET', 'POST'])
def updateTutor():
    flask.session['subjects'] = flask.request.form['subjects']
    flask.session['time'] = flask.request.form['time']

    data2 = (flask.session['subjects'], flask.session['time'],
            flask.session['username'])

    cur = servicePoints.model.get_db()
    cur.execute("UPDATE tutors SET subject=?, time=? WHERE username = ?", data2)

    return flask.redirect(flask.url_for('tutorsu'))

@servicePoints.app.route('/accounts/tutorsu/', methods=['GET', 'POST'])
def tutorsu():

    if flask.request.method == 'POST':
        flask.session['subjects'] = flask.request.form['subjects']
        flask.session['time'] = flask.request.form['time']
        data = (flask.session['username'], flask.session['subjects'],
                flask.session['time'])

        cur = servicePoints.model.get_db()
        cur.execute("INSERT INTO tutors(username, subject, time) VALUES (?, ?, ?)", data)

        return flask.redirect(flask.url_for('tutorsu'))
aebopp's avatar
aebopp committed
    cursor = servicePoints.model.get_db().cursor()
    username = flask.session["username"]
aebopp's avatar
aebopp committed

mrschnei's avatar
mrschnei committed
    cur = cursor.execute("SELECT subject, time FROM tutors")
    tutors = cur.fetchall()

mrschnei's avatar
mrschnei committed
    cur2 = cursor.execute('SELECT fullname, email FROM users WHERE username IN (SELECT username FROM tutors)')
    tutorsN = cur2.fetchall()
    studentOrgCur = cursor.execute('SELECT orgName, hours FROM users WHERE username =:who',
                            {"who": username})
    results = studentOrgCur.fetchone()

    # Add database info to context
    cur3 = cursor.execute('SELECT subject, time FROM tutors WHERE username =:who',
                            {"who": username})
    tutorInfo = cur3.fetchone()
    if not tutorInfo:
        registered = 0
        context = {"tutors": tutors, "tutorsN": tutorsN, 'username': username, 'org': results["orgName"], 
                   'hours': results["hours"], "registered": registered}
    else:
        registered = 1
        context = {"tutors": tutors, "tutorsN": tutorsN, 'userSubjects': tutorInfo["subject"], "userTimes": tutorInfo["time"], 
               'username': username, 'org': results["orgName"], 'hours': results["hours"], "registered": registered}
aebopp's avatar
aebopp committed

    return flask.render_template("tutor.html", **context,zip=zip)
aebopp's avatar
aebopp committed
@servicePoints.app.route('/accounts/submitPoints/', methods=['GET', 'POST'])
def submitPoints():
    if flask.request.method == 'POST':
        dummy, temp_filename = tempfile.mkstemp()
        file = flask.request.files["file"]
        serviceType = flask.request.form["service"]
        description = flask.request.form["description"]
aebopp's avatar
aebopp committed
        file.save(temp_filename)

        # Compute filename
        hash_txt = sha256sum(temp_filename)
        dummy, suffix = os.path.splitext(file.filename)
        hash_filename_basename = hash_txt + suffix
        hash_filename = os.path.join(servicePoints.app.config["IMAGES_FOLDER"],
            hash_filename_basename)
aebopp's avatar
aebopp committed

        # Move temp file to permanent location
        shutil.move(temp_filename, hash_filename)
        cursor = servicePoints.model.get_db()
        username = flask.session["username"]
        studentOrgCur = cursor.execute('SELECT orgName FROM users WHERE '
                        'username =:who',
                        {"who": username})
        results = studentOrgCur.fetchone()
        orgName = results["orgName"]
        if orgName == "NONE":
            leader = "pending"
        else:
            studentOrgLeader = cursor.execute('SELECT username FROM orgs WHERE '
                            'orgName =:who',
                            {"who": orgName})
            results = studentOrgLeader.fetchone()
            leader = results["username"]
        cursor.execute('INSERT INTO requests(member, leader, service, description, filename) VALUES '
            '(:one,:two,:three,:four,:five)', {"one": username, "two": leader, "three": serviceType, "four": description, "five": hash_filename_basename})

    return flask.redirect(flask.url_for('index'))

@servicePoints.app.route('/accounts/submitService/', methods=['GET', 'POST'])
def submitService():
    if flask.request.method == 'POST':
        serviceType = flask.request.form["service"]
        description = flask.request.form["description"]
        data = (serviceType, name, description, link)
        cursor.execute("INSERT INTO posts(service, name, description, link) VALUES (?, ?, ?, ?)", data)
    
    return flask.redirect(flask.url_for('index'))
aebopp's avatar
aebopp committed

@servicePoints.app.route('/accounts/confirmSubmission/', methods=['GET', 'POST'])
def confirmSubmission():
    if flask.request.method == 'POST':
        return flask.redirect(flask.url_for('index'))
    username = flask.session["username"]
    cursor = servicePoints.model.get_db()
    studentOrgCur = cursor.execute('SELECT orgName FROM users WHERE '
                        'username =:who',
                        {"who": username})
    results = studentOrgCur.fetchone()
    orgName = results["orgName"]
    if orgName == "NONE":
        context = {"leader": "[when you join a student org, your request will be sent to the student org leader]"}
    else:
        studentOrgLeader = cursor.execute('SELECT username FROM orgs WHERE '
                        'orgName =:who',
                        {"who": orgName})
        results = studentOrgLeader.fetchone()
        leader = results["username"]
        studentOrgLeaderFull = cursor.execute('SELECT fullname FROM users WHERE '
                        'username =:who',
                        {"who": leader})
        results = studentOrgLeaderFull.fetchone()
        context = {"leader": results["fullname"]}
aebopp's avatar
aebopp committed
    return render_template('confirmSubmission.html', **context)

@servicePoints.app.route('/accounts/manageOrg/', methods=['GET', 'POST'])
def manageOrg():
    if 'username' in flask.session:
        username = flask.session["username"]
        if flask.request.method == 'POST':
aebopp's avatar
aebopp committed
            if 'add' in flask.request.form:
                cursor = servicePoints.model.get_db()
                leaderCur = cursor.execute('SELECT orgName FROM orgs WHERE '
                    'username =:who',
                    {"who": username})
                results = leaderCur.fetchone()
                orgName = results["orgName"]                
                cursor.execute("DELETE from pendingOrgs WHERE username = ?", (flask.request.form["user"],))
                cursor.execute('UPDATE users SET orgName = ? WHERE username = ? ', (orgName, flask.request.form["user"],))
                cursor.execute("UPDATE requests SET leader = ? WHERE member = ?",
                                        (username, flask.request.form["user"],))
            # Denies user from org
aebopp's avatar
aebopp committed
            if 'deny' in flask.request.form:
                cursor = servicePoints.model.get_db()
                cursor.execute("DELETE from pendingOrgs WHERE username = ?", (flask.request.form["user"],))
            # Removes user from org
            if 'remove' in flask.request.form:
aebopp's avatar
aebopp committed
                cursor = servicePoints.model.get_db()
                cursor.execute("UPDATE users SET orgName = 'NONE' WHERE username = ? ", (flask.request.form["user"],))
                cursor.execute("UPDATE requests SET leader = 'pending' WHERE member = ?",
                                        (flask.request.form["user"],))
        cursor = servicePoints.model.get_db()
        leaderCur = cursor.execute('SELECT orgName FROM orgs WHERE '
                    'username =:who',
                    {"who": username})
        results = leaderCur.fetchone()
        orgName = results["orgName"]
        membersCur = cursor.execute('SELECT username, fullname FROM users WHERE orgname =:who', {"who": orgName})
        members = membersCur.fetchall()
aebopp's avatar
aebopp committed
        pendingCur = cursor.execute('SELECT username, fullname, email, hours FROM pendingOrgs WHERE '
                    'orgName =:who',
                    {"who": orgName})
        pending = pendingCur.fetchall()
        context = {'org': orgName, 'members': members, 'username': username, 'pending': pending, 'hours': flask.session["hours"]}
        return render_template('manageOrg.html', **context)
    return flask.redirect(flask.url_for('login'))
aebopp's avatar
aebopp committed


def sha256sum(filename):
    """Return sha256 hash of file content, similar to UNIX sha256sum."""
    content = open(filename, 'rb').read()
    sha256_obj = hashlib.sha256(content)