Merge branch 'master' of github.com:failedxyz/easyctf
This commit is contained in:
commit
353b639cbe
2 changed files with 28 additions and 5 deletions
|
@ -49,9 +49,12 @@ def team_delete():
|
|||
usr = Users.query.filter_by(username=username).first()
|
||||
owner = team.owner
|
||||
if usr.uid == owner or usr.admin:
|
||||
usr.tid = -1
|
||||
for member in Users.query.filter_by(tid=tid).all():
|
||||
member.tid = -1
|
||||
with app.app_context():
|
||||
db.session.add(member)
|
||||
|
||||
with app.app_context():
|
||||
db.session.add(usr)
|
||||
db.session.delete(team)
|
||||
db.session.commit()
|
||||
session.pop("tid")
|
||||
|
@ -59,6 +62,26 @@ def team_delete():
|
|||
else:
|
||||
raise WebException("Not authorized.")
|
||||
|
||||
@blueprint.route("/remove_member", methods=["POST"])
|
||||
@api_wrapper
|
||||
@login_required
|
||||
def team_remove_member():
|
||||
username = session["username"]
|
||||
tid = session["tid"]
|
||||
team = Teams.query.filter_by(tid=tid).first()
|
||||
usr = Users.query.filter_by(username=username).first()
|
||||
owner = team.owner
|
||||
if usr.uid == owner or usr.admin:
|
||||
params = utils.flat_multi(request.form)
|
||||
user_to_remove = Users.query.filter_by(username=params.get("user"))
|
||||
user_to_remove.tid = -1
|
||||
with app.app_context():
|
||||
db.session.add(user_to_remove)
|
||||
db.session.commit()
|
||||
return { "success": 1, "message": "Success!" }
|
||||
else:
|
||||
raise WebException("Not authorized.")
|
||||
|
||||
@blueprint.route("/invite", methods=["POST"])
|
||||
@api_wrapper
|
||||
@login_required
|
||||
|
|
|
@ -197,7 +197,7 @@ function display_message(containerId, alertType, message, callback) {
|
|||
});
|
||||
};
|
||||
|
||||
function api_call(method, url, data, callback) {
|
||||
function api_call(method, url, data, callback_success, callback_fail) {
|
||||
if (method.toLowerCase() == "post") {
|
||||
data["csrf_token"] = $.cookie("csrf_token");
|
||||
}
|
||||
|
@ -206,7 +206,7 @@ function api_call(method, url, data, callback) {
|
|||
"datatype": "json",
|
||||
"data": data,
|
||||
"url": url
|
||||
}).done(callback);
|
||||
}).done(callback_success).fail(callback_fail);
|
||||
}
|
||||
|
||||
$.fn.serializeObject = function() {
|
||||
|
|
Loading…
Reference in a new issue