Merge branch 'master' of github.com:failedxyz/easyctf
This commit is contained in:
commit
353b639cbe
2 changed files with 28 additions and 5 deletions
|
@ -49,9 +49,12 @@ def team_delete():
|
||||||
usr = Users.query.filter_by(username=username).first()
|
usr = Users.query.filter_by(username=username).first()
|
||||||
owner = team.owner
|
owner = team.owner
|
||||||
if usr.uid == owner or usr.admin:
|
if usr.uid == owner or usr.admin:
|
||||||
usr.tid = -1
|
for member in Users.query.filter_by(tid=tid).all():
|
||||||
|
member.tid = -1
|
||||||
|
with app.app_context():
|
||||||
|
db.session.add(member)
|
||||||
|
|
||||||
with app.app_context():
|
with app.app_context():
|
||||||
db.session.add(usr)
|
|
||||||
db.session.delete(team)
|
db.session.delete(team)
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
session.pop("tid")
|
session.pop("tid")
|
||||||
|
@ -59,6 +62,26 @@ def team_delete():
|
||||||
else:
|
else:
|
||||||
raise WebException("Not authorized.")
|
raise WebException("Not authorized.")
|
||||||
|
|
||||||
|
@blueprint.route("/remove_member", methods=["POST"])
|
||||||
|
@api_wrapper
|
||||||
|
@login_required
|
||||||
|
def team_remove_member():
|
||||||
|
username = session["username"]
|
||||||
|
tid = session["tid"]
|
||||||
|
team = Teams.query.filter_by(tid=tid).first()
|
||||||
|
usr = Users.query.filter_by(username=username).first()
|
||||||
|
owner = team.owner
|
||||||
|
if usr.uid == owner or usr.admin:
|
||||||
|
params = utils.flat_multi(request.form)
|
||||||
|
user_to_remove = Users.query.filter_by(username=params.get("user"))
|
||||||
|
user_to_remove.tid = -1
|
||||||
|
with app.app_context():
|
||||||
|
db.session.add(user_to_remove)
|
||||||
|
db.session.commit()
|
||||||
|
return { "success": 1, "message": "Success!" }
|
||||||
|
else:
|
||||||
|
raise WebException("Not authorized.")
|
||||||
|
|
||||||
@blueprint.route("/invite", methods=["POST"])
|
@blueprint.route("/invite", methods=["POST"])
|
||||||
@api_wrapper
|
@api_wrapper
|
||||||
@login_required
|
@login_required
|
||||||
|
|
|
@ -197,7 +197,7 @@ function display_message(containerId, alertType, message, callback) {
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
function api_call(method, url, data, callback) {
|
function api_call(method, url, data, callback_success, callback_fail) {
|
||||||
if (method.toLowerCase() == "post") {
|
if (method.toLowerCase() == "post") {
|
||||||
data["csrf_token"] = $.cookie("csrf_token");
|
data["csrf_token"] = $.cookie("csrf_token");
|
||||||
}
|
}
|
||||||
|
@ -206,7 +206,7 @@ function api_call(method, url, data, callback) {
|
||||||
"datatype": "json",
|
"datatype": "json",
|
||||||
"data": data,
|
"data": data,
|
||||||
"url": url
|
"url": url
|
||||||
}).done(callback);
|
}).done(callback_success).fail(callback_fail);
|
||||||
}
|
}
|
||||||
|
|
||||||
$.fn.serializeObject = function() {
|
$.fn.serializeObject = function() {
|
||||||
|
|
Loading…
Reference in a new issue