diff --git a/inventory-app/api.py b/inventory-app/api.py
index e19b88b..405b8bf 100644
--- a/inventory-app/api.py
+++ b/inventory-app/api.py
@@ -5,7 +5,7 @@ from datetime import datetime, timedelta
 from functools import wraps
 from pymongo import MongoClient
 from flask import Blueprint, abort, g, make_response, redirect, render_template, request, jsonify
-from common import CustomForm, build_query, flatten, format_name, spam, users
+from common import CustomForm, build_query, flatten, format_name, spam, users, User
 page_api = Blueprint("api", __name__)
 db = MongoClient(const.MONGO_URI).get_default_database()
@@ -69,7 +69,13 @@ def view_slack_doorboy():
 return "Invalid channel was supplied"
 command = request.form.get("command")
 try:
- door = {"/open-new-door": "backdoor", "/open-back-door": "backdoor", "/open-front-door": "frontdoor", "/open-ground-door": "grounddoor"}[command]
+ door = {
+ "/open-new-door": "backdoor",
+ "/open-back-door": "backdoor",
+ "/open-front-door": "frontdoor",
+ "/open-ground-door": "grounddoor",
+ "/open-workshop-door": "workshopdoor"
+ }[command]
 except KeyError:
 return "Invalid command was supplied"
@@ -79,7 +85,11 @@ def view_slack_doorboy():
 if user.slack_id == request.form.get("user_id"):
 member = user
- approved = "k-space:floor" in member.groups
+ if door == "workshopdoor":
+ access_group = "k-space:workshop"
+ else:
+ access_group = "k-space:floor"
+ approved = access_group in member.groups
 db.eventlog.insert_one({
 "method": "slack",
 "approved": approved,
diff --git a/inventory-app/doorboy.py b/inventory-app/doorboy.py
index c0fe6e8..75f450a 100644
--- a/inventory-app/doorboy.py
+++ b/inventory-app/doorboy.py
@@ -8,7 +8,7 @@ from wtforms import StringField, IntegerField, SelectField, BooleanField, DateTi
 from wtforms.validators import DataRequired
 import const
-from common import spam, users_lookup
+from common import spam, users_lookup, User
 from oidc import login_required, read_user
 page_doorboy = Blueprint("doorboy", __name__)
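Review bot: `User` is added to the `from common import …` line in api.py (`@@ -5,7 +5,7 @@`), but none of the added lines in this file's hunks reference it; only doorboy.py calls `User()`. If nothing outside the visible hunks needs it, the import can stay as it was: `from common import CustomForm, build_query, flatten, format_name, spam, users`.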
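Review bot: The `else` branch in the `@@ -79,7 +85,11 @@` hunk of `view_slack_doorboy` assigns `k-space:floor` to every door that is not `workshopdoor`, so a door added later to the command map is granted to the floor group unless someone remembers to extend this `if`. The same if/else is repeated in `view_doorboy_open` in doorboy.py, which gives the two entry points room to drift apart. A single door-to-group table shared by both views, with a missing entry treated as a denial, would close that gap: `access_group = DOOR_GROUPS.get(door)` followed by `approved = access_group is not None and access_group in member.groups`, where `DOOR_GROUPS` is a name proposed here, not one that exists in the code. The function starts and ends outside the hunk, so how `member` is set when no Slack user matches is not visible from here.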
@@ -141,8 +141,14 @@ def view_doorboy_hold():
 @login_required
 def view_doorboy_open(door):
 user = read_user()
- if door not in ("grounddoor", "frontdoor", "backdoor"): raise
- approved = user["username"] in users_lookup
+ if door not in ("grounddoor", "frontdoor", "backdoor", "workshopdoor"):
+ return "", 400
+
+ if door == "workshopdoor":
+ access_group = "k-space:workshop"
+ else:
+ access_group = "k-space:floor"
+ approved = access_group in users_lookup.get(user["username"], User()).groups
 db.eventlog.insert_one({
 "method": "web",
 "approved": approved,
@@ -158,7 +164,10 @@ def view_doorboy_open(door):
 subject = user["name"]
 msg = "%s %s door access for %s via https://inventory.k-space.ee/m/doorboy" % (status, door, subject)
 spam(msg)
- return redirect("/m/doorboy")
+ if approved:
+ return redirect("/m/doorboy")
+ else:
+ return "", 401
 @page_doorboy.route("/m/doorboy/slam", methods=["POST"])
@@ -179,6 +188,7 @@ def view_doorboy_slam():
 @login_required
 def view_doorboy():
 user = read_user()
+ workshop_access = "k-space:workshop" in users_lookup.get(user["username"], User()).groups
 latest_events = db.eventlog.find({"component": "doorboy", "type":"open-door"}).sort([("timestamp", -1)]).limit(10);
 latest_swipes = db.inventory.find({"component": "doorboy", "type":"token"}).sort([("last_seen", -1)]).limit(10);
 return render_template("doorboy.html", **locals())
diff --git a/inventory-app/templates/doorboy.html b/inventory-app/templates/doorboy.html
index 700cee4..ed2025f 100644
--- a/inventory-app/templates/doorboy.html
+++ b/inventory-app/templates/doorboy.html
@@ -8,8 +8,8 @@
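Review bot: In the `@@ -141,8 +141,14 @@` hunk of `view_doorboy_open`, the deny path for a username missing from `users_lookup` depends on `User()` producing an object whose `groups` is empty, and the constructor is not visible in this diff. Making the unknown-user case explicit removes that dependency: `member = users_lookup.get(user["username"])` then `approved = member is not None and access_group in member.groups`. The same `users_lookup.get(..., User()).groups` expression is added in `view_doorboy` (`@@ -179,6 +188,7 @@`) and would benefit from the same treatment. The function body continues past the end of the hunk.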
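Review bot: `return "", 401` in the `@@ -158,7 +164,10 @@` hunk answers a user who has already passed `@login_required`, so the refusal is an authorisation failure and the status should be 403: `return "", 403`. A 401 tells clients and proxies that credentials are missing and can send the browser back through the login flow. Separately, the lines between the event-log insert and `spam(msg)` fall outside both hunks, so it cannot be confirmed from here that the door command itself is skipped when `approved` is false; the added branch only changes the HTTP response.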
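Review bot: `workshop_access` in `view_doorboy` (`@@ -179,6 +188,7 @@`) is never referenced in Python and reaches the template only through `**locals()`, so it reads like a dead variable and a later cleanup could remove it. A comment on the line would record the intent: `# consumed by doorboy.html via **locals(); display hint only, access is enforced in view_doorboy_open`. That it is used only for display is presumed from the template change, which is not fully visible here.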
  • Ground door the one on street level facing KBFI
  • Front door the one from ground door 5 floors upward
  • Back door on 5th floor on the Pancake cafeteria side. Note: ground door on cafeteria side is open whenever the cafeteria is open. Other times use the ground door listed above.
  • +
  • Workshop door also known as the dirty room