# -*- coding: utf-8 -*-
require 'rubygems'
require 'vendor/frozen.rb'
require 'sequel'
require 'sequel/extensions/inflector'
require 'sinatra'
require 'scaffolding_extensions'
require 'yaml'
require 'ya2yaml'
require 'jcode' if RUBY_VERSION < '1.9'
$KCODE = 'u'
require 'redcloth'
require 'iconv'
require "config" # mailkonfiguration etc.
# Mail-polling switch; in this file it is only referenced by a commented-out
# section of the `before` filter.
CHECKMAIL = false
# Host name used for the XRDS document when DATABASE_URL is set (see get '/xrds').
ENV['PSDOM'] = "piratensextant.de"
# ENV['PSDOM'] = "pp-sextant.heroku.com"
class MySinatraApp < Sinatra::Application
# One-time application setup: database handle, cookie sessions, error display
# and the vendored New Relic agent.
configure do
  # Falls back to a local SQLite file when DATABASE_URL is not set.
  DB = Sequel.connect(ENV['DATABASE_URL'] || 'sqlite://database.db')

  # NOTE(review): no session secret is configured here. Confirm that the vendored
  # Sinatra/Rack version signs the session cookie; otherwise session[:user_id]
  # is client-controlled.
  set :sessions, true
  set :run, false

  # Detailed exception pages are only switched off when DATABASE_URL is present.
  if ENV['DATABASE_URL']
    set :show_exceptions, false
  end

  ENV['APP_ROOT'] ||= File.dirname(__FILE__)
  $LOAD_PATH.unshift "#{ENV['APP_ROOT']}/vendor/plugins/newrelic_rpm/lib"
  require 'newrelic_rpm'
end
# Load every Ruby file under lib/ (path is relative to the working directory)
# and expose the Helpers module to routes and views.
Dir["lib/*.rb"].each do |lib_file|
  load lib_file
end

helpers do
  include Helpers
end
# Handler for unhandled exceptions: reports the failure through adminmsg and
# renders the 500 page without the layout.
#
# NOTE(review): the report contains request.inspect and the complete ENV, so
# cookies, session data and DATABASE_URL end up wherever adminmsg delivers its
# message. Confirm that channel is trusted, or redact before sending.
error do
  report = [
    $!.inspect,
    "=== BACKTRACE:\n#{$!.backtrace.join("\n")}",
    "=== REQUEST:\n#{request.inspect}",
    "=== ENVIRONMENT:\n#{ENV.inspect}"
  ].join("\n\n")
  adminmsg(report)
  flash.clear
  erb :error500, :layout => false
end
# Handler for unknown routes: discards pending flash messages and renders the
# :error400 view.
not_found do
  flash.clear
  erb(:error400)
end
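# Request gate run before every route: derives the display time from the TZ
# cookie, drops stale sessions and enforces the login and questionnaire-admin
# checks.
before do
  # TZ is client-supplied; to_i maps anything non-numeric to 0.
  # $tn is a process-wide global, so it is shared by all requests.
  tz = request.cookies["TZ"]
  $tn = tz.nil? ? Time.now + 9*60*60 : Time.now + 10*60*60 + tz.to_i*60

  session[:user] = nil if logged_in? && !current_user

  # Paths that may be requested without a login. The list is anchored at the
  # start of the path: the previous unanchored substring tests exempted any
  # path that merely contained one of these words (for example inside a route
  # parameter) from the login check. Routes loaded from lib/*.rb that must stay
  # public need a matching prefix here.
  public_path = request.path_info =~ %r{\A/(?:login|adminlogin|xrds|oid|open|images/|text/)}
  if !logged_in? && !public_path
    flash[:notice] = "Nicht angemeldet!"
    redirect '/text/index'
  end

  # Session refers to a user that no longer resolves.
  if logged_in? && current_user.nil?
    session[:user_id] = nil
    flash[:notice] = "Ungültiger Benutzer!"
    redirect '/'
  end

  # Everything under an admin_ path requires the questionnaire-admin flag.
  if logged_in? && !current_user.is_qadmin && request.path_info =~ /admin_/
    flash[:notice] = "Nur für Administratoren!"
    redirect '/text/index'
  end
  # if CHECKMAIL
  # ago = Time.now - State.first.lastmailupdate
  # if ago > 30
  # $stderr.puts("Checking mail ...") # check mails
  # State.first.lastmailupdate = Time.now
  # State.first.save
  # end
  # end
end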
# Diagnostic route: the division raises ZeroDivisionError so the error handler
# can be exercised; the erb call below is never reached.
get '/test500' do
  1 / 0
  erb "Test für Fehler:500"
end
# Renders the :adminlogin view.
get('/adminlogin') { erb :adminlogin }
# Participation page for questionnaire :q. Requires the questionnaire's scope to
# be in the caller's ACL and loads (or creates) the caller's Opinion row.
get '/bear/:q' do
  @q = Questionaire[params[:q].to_i]
  if @q.nil?
    return erb("<h1>Datensatz nicht gefunden</h1>")
  end
  unless user_acl.split(",").include?(@q.scope)
    return erb(:error_acl)
  end
  @o = Opinion.find_or_create(:user_id => session[:user_id], :questionaire_id => params[:q])
  erb :bear
end
# Removes a suggestion from a questionnaire's topic list. Only lines carrying an
# owner marker " #[[<user id>]]#" are considered, and only the owner may delete.
#
# NOTE(review): this changes state on a GET request and has no user_acl or
# phase check, unlike post '/bear_add' — confirm that is intended.
get '/bear_adddel' do
  @q = Questionaire[params[:q]]
  return erb("<h1>Nicht gefunden</h1>") if @q.nil?

  # NOTE(review): YAML.load on text that was submitted through /admin_save;
  # a safe loader would be preferable if the installed YAML library offers one.
  topics = YAML.load(@q.topics_yml)
  index = params[:line].to_i
  entry = topics["themen"][index]

  if / #\[\[.*\]\]#/.match(entry)
    # The greedy strip keeps the last marker on the line, i.e. the one appended by the server.
    owner_id = entry.strip.gsub(/.*#\[\[/, "").gsub(/\]\]#/, "").to_i
    unless owner_id == current_user.id
      return erb("<h1>Bitte versuch es noch einmal.</h1>")
    end
    topics["themen"].delete_at(index)
    flash[:notice] = "Vorschlag gelöscht."
    @q.topics_yml = topics.ya2yaml
    @q.save
  end

  redirect "/bear/#{params[:q]}"
end
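# Appends a user suggestion to the questionnaire's topic list (phase 1 only).
# The suggestion is tagged with " #[[<user id>]]#" so its author can delete it.
post '/bear_add' do
  @q = Questionaire[params[:q]]
  # An unknown id previously failed with NoMethodError on nil.
  return erb("<h1>Datensatz nicht gefunden</h1>") if @q.nil?

  unless user_acl.split(",").include?(@q.scope)
    flash[:notice] = "Zugriff auf '#{@q.scope}' nicht erlaubt."
    redirect '/'
  end
  if current_user.is_qadmin || current_user.is_admin
    flash[:notice] = "Stimme nicht unter deinem Admin-Login, sondern mit deiner OpenID ab."
    redirect '/'
  end
  if @q.phase.to_i != 1
    flash[:notice] = "Ergänzungen nur in Phase I möglich."
    redirect '/'
  end

  # NOTE(review): YAML.load on stored, admin-submitted text; prefer a safe
  # loader if the installed YAML library offers one.
  topics = YAML.load(@q.topics_yml)

  # Neutralise angle brackets before storing. The replacement strings on the
  # page were "<" and ">", which made both substitutions no-ops. to_s keeps a
  # missing "new" parameter from raising.
  suggestion = params["new"].to_s.gsub(/</, "&lt;").gsub(/>/, "&gt;")
  suggestion = "#{suggestion} #[[#{current_user.id}]]#"

  topics["themen"].push(suggestion)
  @q.topics_yml = topics.ya2yaml
  @q.save
  erb :bear
end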
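# Stores the caller's point distribution for a questionnaire (phase 2 only).
# The opinion is marked valid in approval mode ("approvot" set) or when the
# points add up to exactly the configured "punkte" value.
post '/bear_vote' do
  @q = Questionaire[params[:q]]
  # An unknown id previously failed with NoMethodError on nil.
  return erb("<h1>Datensatz nicht gefunden</h1>") if @q.nil?

  unless user_acl.split(",").include?(@q.scope)
    flash[:notice] = "Zugriff auf '#{@q.scope}' nicht erlaubt."
    redirect '/'
  end
  if current_user.is_qadmin || current_user.is_admin
    flash[:notice] = "Stimme bitte nicht unter deinem Admin-Login, sondern mit deiner OpenID ab."
    redirect '/'
  end
  if @q.phase.to_i != 2
    flash[:notice] = "Abstimmungen nur in Phase II möglich."
    redirect '/'
  end

  @o = Opinion.find_or_create(:user_id => session[:user_id], :questionaire_id => params[:q])
  # NOTE(review): YAML.load on stored, admin-submitted text; prefer a safe
  # loader if the installed YAML library offers one.
  topics = YAML.load(@q.topics_yml)
  pp = topics["punkte"]

  # One entry per topic: a positive integer, or "" when nothing (or nothing
  # positive) was submitted. Non-string parameters count as 0 instead of raising.
  v = []
  sum = 0
  topics["themen"].each_index do |i|
    raw = params["t_#{i}"]
    points = raw.is_a?(String) ? raw.to_i : 0
    if points > 0
      v[i] = points
      sum += points
    else
      v[i] = ""
    end
  end
  @o.opinion_arr = v.inspect

  # The flash text carries HTML, so the link is built from the record's primary
  # key rather than from the raw request parameter.
  if !topics["approvot"].nil?
    erglink = topics["verdeckt"].nil? ? " Weiter zum <a href='/synaprvot/#{@q.pk}'>Ergebnis</a>" : ""
    flash[:notice] = "Danke. Deine Meinung wurde gespeichert." + erglink
    @o.valid = true
  elsif sum == pp
    erglink = topics["verdeckt"].nil? ? " Weiter zum <a href='/synopsis/#{@q.pk}'>Ergebnis</a>" : ""
    flash[:notice] = "Danke. Das #{pp==1 ? 'ist' : 'sind'} genau #{pp} Punkt#{pp==1 ? '' : 'e'}. Deine Meinung wurde als 'gültig' gespeichert." + erglink
    @o.valid = true
  else
    flash[:notice] = "Bitte verteile zusammen genau #{pp} Punkt#{pp==1 ? '' : 'e'} (derzeit #{sum}). Nur dann wird Deine Meinung als 'gültig' gespeichert."
    @o.valid = false
  end
  @o.save
  erb :bear
end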
# post '/apply' do
# email = params[:email]
# hash = Digest::MD5.hexdigest(email.downcase)
# u = User.find(:md5hash => hash)
# if !u.nil?
# User.sendmail(u.name, Digest::MD5.hexdigest(u.md5hash)[0..7], email)
# # flash[:notice] = "Logindaten wurden versendet."
# flash[:notice] = "Wenn die Validierung erfolgreich war, wurden die Logindaten versendet."
# else
# # flash[:notice] = "Unter dieser Mailadresse ist uns leider kein Pirat bekannt."
# flash[:notice] = "Wenn die Validierung erfolgreich war, wurden die Logindaten versendet."
# end
# redirect '/text/index'
# end
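# Deletes the caller's own opinion for questionnaire params[:q]. The lookup is
# keyed on session[:user_id], so other users' rows are never touched.
post '/bear_del' do
  opinion = Opinion.find(:user_id => session[:user_id], :questionaire_id => params[:q])
  # A missing row previously raised NoMethodError on nil; now it is a no-op.
  unless opinion.nil?
    opinion.destroy
    flash[:notice] = "Gelöscht."
  end
  redirect '/'
end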
# Renders the :synaprvot result view for questionnaire :q, subject to the scope ACL.
get '/synaprvot/:q' do
  @q = Questionaire[params[:q]]
  if @q.nil?
    return erb("<h1>Datensatz nicht gefunden</h1>")
  end
  allowed_scopes = user_acl.split(",")
  return erb(:error_acl) unless allowed_scopes.include?(@q.scope)
  erb :synaprvot
end
# Renders the :synopsis result view for questionnaire :q, subject to the scope ACL.
get '/synopsis/:q' do
  @q = Questionaire[params[:q]]
  if @q.nil?
    return erb("<h1>Datensatz nicht gefunden</h1>")
  end
  allowed_scopes = user_acl.split(",")
  return erb(:error_acl) unless allowed_scopes.include?(@q.scope)
  erb :synopsis
end
# Renders the :graphicsyn view for questionnaire :q, subject to the scope ACL.
# NOTE(review): @s is the raw :s path segment; the template is not visible
# here — confirm it escapes or validates the value before output.
get '/gvis/:q/:s' do
  @q = Questionaire[params[:q]]
  @s = params[:s]
  if @q.nil?
    return erb("<h1>Datensatz nicht gefunden</h1>")
  end
  allowed_scopes = user_acl.split(",")
  return erb(:error_acl) unless allowed_scopes.include?(@q.scope)
  erb :graphicsyn
end
# Sends the :export view for questionnaire :q as a "report.csv" download,
# converted from UTF-8 to ISO-8859-1. Subject to the scope ACL.
get '/export/:q' do
  @q = Questionaire[params[:q]]
  if @q.nil?
    return erb("<h1>Datensatz nicht gefunden</h1>")
  end
  unless user_acl.split(",").include?(@q.scope)
    return erb(:error_acl)
  end
  content_type "application/vnd.ms-excel; charset=ISO-8859-1" # utf-8
  attachment "report.csv"
  rendered = erb(:export, :layout => false)
  Iconv.conv('ISO-8859-1', 'utf-8', rendered)
end
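# Serves the XRDS document that advertises /oidcomplete as the OpenID 2.0
# return_to endpoint. The host is ENV['PSDOM'] when DATABASE_URL is set,
# otherwise localhost:4567.
get '/xrds' do
  sitename = ENV['DATABASE_URL'] ? ENV['PSDOM'] : "localhost:4567"
  # Fixed: the header name used to be 'X-XRDS-Location: ' (with colon and space)
  # and its value was single-quoted, so "#{sitename}" was sent literally.
  headers 'Content-Type' => "application/xrds+xml",
          'X-XRDS-Location' => "http://#{sitename}/xrds"
  <<-EOF
<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS
xmlns:xrds="xri://$xrds"
xmlns:openid="http://openid.net/xmlns/1.0"
xmlns="xri://$xrd*($v*2.0)">
<XRD>
<Service priority="1">
<Type>http://specs.openid.net/auth/2.0/return_to</Type>
<URI>http://#{sitename}/oidcomplete</URI>
</Service>
</XRD>
</xrds:XRDS>
  EOF
end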
# get '/wl_import' do
# erb :wl_import
# end
# post '/wl_import' do
# params[:hashlist].split("\n").each {|hash|
# u = User.find_or_create(:md5hash => hash.strip)
# u.name = "ppnds#{u.id}"
# u.longname = "ppnds#{u.id}"
# u.password = Digest::MD5.hexdigest(u.md5hash)[0..7]
# u.is_admin = false
# u.save
# # $stderr.puts "+#{hash.strip}+"
# }
# flash[:notice] = "Whitelist importiert."
# erb :app_index
# end
# get '/status' do
# erb :status
# end
# ======================================================
# Profile form for questionnaire admins; accounts that also carry is_admin are
# sent back to the admin index.
get '/admin_profile' do
  @u = current_user
  return erb(:admin_profile) if @u.is_qadmin && !@u.is_admin

  flash[:notice]="Zugriff nicht erlaubt."
  redirect '/admin_index'
end
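# Saves e-mail, display name and (optionally) a new password for the current
# questionnaire admin. Accounts that also carry is_admin are refused.
post '/admin_profile_save' do
  @u = current_user
  unless @u.is_qadmin && !@u.is_admin
    flash[:notice]="Zugriff nicht erlaubt."
    redirect '/admin_index'
  end

  # A request without pw1/pw2 used to pass both checks (nil != "" and
  # nil == nil) and set the password to nil; absent is now treated like blank.
  new_password = params[:pw1].to_s
  unless new_password.empty?
    if new_password != params[:pw2].to_s
      flash[:notice]="Passwörter nicht gleich."
      redirect '/admin_profile'
    end
    # NOTE(review): the value is handed to the model as submitted; whether User
    # hashes it is not visible in this file — confirm.
    @u.password = new_password
  end

  # NOTE(review): email and longname are stored unescaped, unlike the fields in
  # /admin_save — confirm the views escape them.
  @u.email = params[:email]
  @u.longname = params[:longname]
  @u.save
  flash[:notice]="Gespeichert."
  redirect '/admin_index'
end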
# Renders the :admin_index view; the before filter restricts admin_ paths to
# questionnaire admins.
get('/admin_index') { erb :admin_index }
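# Edit form for questionnaire :q.
get '/admin_edit/:q' do
  @q = Questionaire[params[:q]]
  return erb("<h1>Datensatz nicht gefunden</h1>") if @q.nil?
  # Same scope check as /admin_del and the read-only routes: an admin may only
  # open questionnaires whose scope is in their ACL.
  return erb(:error_acl) unless user_acl.split(",").include?(@q.scope)
  erb :admin_edit
end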
# Renders the :admin_edit view with @q set to nil, i.e. without an existing record.
get '/admin_add' do
  @q = nil
  erb(:admin_edit)
end
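# Deletes questionnaire :q if its scope is in the caller's ACL.
# NOTE(review): destructive action on a GET request; a POST with a request
# token would be the safer interface, but the route is kept as callers use it.
get '/admin_del/:q' do
  questionaire = Questionaire[params[:q]]
  # An unknown id previously raised NoMethodError on nil.
  return erb("<h1>Datensatz nicht gefunden</h1>") if questionaire.nil?
  return erb("Neeee.") unless user_acl.split(",").include?(questionaire.scope)
  questionaire.destroy
  flash[:notice]="Gelöscht"
  redirect '/admin_index'
end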
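# Creates a questionnaire (blank q) or updates an existing one. The submitted
# scope must be in the caller's ACL, and so must the scope of the record being
# updated.
post '/admin_save' do
  # Neutralise angle brackets before storing. The replacement strings on the
  # page were "<" and ">", which made the substitutions no-ops. to_s keeps
  # missing parameters from raising.
  strip_tags = lambda { |text| text.to_s.gsub(/</, "&lt;").gsub(/>/, "&gt;") }

  scope = params[:scope].to_s
  allowed_scopes = user_acl.split(",")

  unless allowed_scopes.include?(scope)
    # The flash text is rendered as HTML elsewhere in this app (it carries
    # links), so the submitted value is escaped before being echoed.
    flash[:notice]="Zugriff auf '#{CGI.escapeHTML(scope)}' nicht erlaubt."
    redirect '/admin_index'
  end

  hsh = { :name => strip_tags.call(params[:name]),
          :phase => params[:phase].to_i,
          :topics_yml => strip_tags.call(params[:topics_yml]),
          :scope => strip_tags.call(scope)
        }

  if params[:q].to_s == "" # add
    Questionaire.create(hsh)
    flash[:notice]="Angelegt"
  else
    existing = Questionaire[params[:q].to_i]
    if existing.nil?
      return erb("<h1>Datensatz nicht gefunden</h1>")
    end
    # Previously only the *new* scope was checked, so a record from a scope
    # outside the caller's ACL could be overwritten and moved.
    unless allowed_scopes.include?(existing.scope)
      flash[:notice]="Zugriff auf '#{existing.scope}' nicht erlaubt."
      redirect '/admin_index'
    end
    existing.update(hsh)
    flash[:notice]="Gespeichert"
  end
  redirect '/admin_index'
end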
# ======================================================
# Landing page: renders the :app_index view.
get('/') { erb :app_index }
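# Renders a static text page from ./views/text/<file>.txt: the file is run
# through ERB, converted with RedCloth, and the result rendered inside the layout.
# This route is reachable without a login (see the before filter).
get '/text/:file' do
  base = File.expand_path("./views/text")
  name = params[:file].to_s
  not_found_page = "<h1>Seite nicht gefunden.</h1>"

  # The name comes from the URL. Resolve it and require the result to stay
  # inside views/text, so encoded separators or ".." cannot select other files.
  return erb(not_found_page) if name.empty? || name.include?("\0")
  fn = File.expand_path("#{name}.txt", base)
  return erb(not_found_page) unless fn[0, base.length + 1] == "#{base}/"
  return erb(not_found_page) if !File.exist?(fn)

  # NOTE(review): the RedCloth output is evaluated as an ERB template a second
  # time below; keep these .txt files under developer control only.
  content = erb File.read(fn), :layout => false
  content = RedCloth.new(content).to_html
  erb content
end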
end
# Scaffolding defaults added to every Sequel model by reopening Sequel::Model.
class Sequel::Model
  # Name of the association list style used by the scaffold views.
  def self.scaffold_association_list_class
    'scaffold_associations_tree'
  end

  # Always true: scaffold option for text columns.
  def self.scaffold_convert_text_to_string
    true
  end
  #def self.scaffold_association_list_class; 'recline'; end
  #def default_scaffold_methods; [:manage, :show, :destroy, :edit, :new, :search]; end

  # German display name for an association symbol; unknown symbols are returned
  # as "SYM:<symbol>".
  def self.scaffold_associated_human_name(s)
    case s
    when :user, :users then "Benutzer"
    when :pirate then "Pirat"
    when :pirates then "Piraten"
    when :questionaire then "Meinungsbild"
    when :questionaires then "Meinungsbilder"
    when :opinion then "Meinung"
    when :opinions then "Meinungen"
    else "SYM:#{s.to_s}"
    end
  end

  # Empty option hash by default.
  def local_show_options
    {}
  end
end
# Scaffolded CRUD interface (mounted under /app) for User, Questionaire,
# Opinion, Post and State. Every request requires a logged-in user with is_admin.
class Scaf < Sinatra::Base
  include Helpers

  configure do
    set :sessions, true
    set :run, false
  end

  before do
    session[:user] = nil if logged_in? && !current_user

    # Session refers to a user that no longer resolves.
    if logged_in? && current_user.nil?
      session[:user_id] = nil
      flash[:notice] = "Ungültiger Benutzer!"
      redirect '/'
    end

    # Anonymous callers and non-system-admins are turned away.
    unless logged_in? && current_user.is_admin
      flash[:notice] = "Nur für Systemadministratoren!"
      redirect '/text/index'
    end
  end

  @scaffold_template_dir = "#{File.dirname(__FILE__)}/views/scaffolds"
  ScaffoldingExtensions.javascript_library = 'JQuery'

  # After creating a record: store the notice and return to the browse page.
  def scaffold_new_redirect(suffix, notice)
    flash[:notice] = notice
    redirect("/app/browse#{suffix}")
  end

  # After deleting a record: store the notice and return to the browse page.
  def scaffold_delete_redirect(suffix, notice)
    flash[:notice] = notice
    redirect("/app/browse#{suffix}")
  end

  # Stores the notice and sends the browser back to the referring page.
  def scaffold_new_orderposition_redirect(notice)
    flash[:notice] = notice
    redirect(back)
  end

  scaffold_all_models :only=>[User, Questionaire, Opinion, Post, State]
end
# Rack composition: the main application at "/", the scaffold interface at "/app".
$myapp = Rack::Builder.app do
  map("/") do
    run MySinatraApp
  end
  # map("/oidauth") {run OpenIDAuth}
  map("/app") do
    run Scaf
  end
end

# Without DATABASE_URL the app starts its own WEBrick server on port 4567.
# NOTE(review): it binds to 0.0.0.0, and show_exceptions is only switched off
# when DATABASE_URL is set, so this mode exposes detailed error pages to the
# whole network — consider 127.0.0.1 for local runs.
unless ENV['DATABASE_URL']
  Rack::Handler.get('webrick').run($myapp, :Host=>'0.0.0.0', :Port=>4567) do |server|
    trap(:INT) { server.stop }
  end
end