Skip to content

Commit

Permalink
typo in allocations + allow whitelisting of non computing students
Browse files Browse the repository at this point in the history
  • Loading branch information
Dropheart committed Oct 8, 2024
1 parent 4a61876 commit e55fbcf
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 12 deletions.
2 changes: 1 addition & 1 deletion allocations/run.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
from allocator.allocate import allocate

authCookie = input("Please insert your auth cookie:\nThis will only be saved in memory to do the allocations.\nSee the README if you're unsure how to get this.\n")
allocate(authCookie, url="https://family.docsoc.co.uk")
allocate(authCookie, url="https://family.docsoc.co.uk/")
28 changes: 17 additions & 11 deletions hono/auth/auth.ts
Original file line number Diff line number Diff line change
Expand Up @@ -110,22 +110,32 @@ const auth = factory
'mail'
]);

if (res.department != 'Computing') {
const shortcode = res.userPrincipalName.match(/.*(?=@)/g);
if (shortcode == null) {
return ctx.json(
{
error: 'You are not a Computing student :('
error: 'User has no shortcode.'
},
403
400
);
}

const shortcode = res.userPrincipalName.match(/.*(?=@)/g);
if (shortcode == null) {
const studentInDb = await db
.select()
.from(students)
.where(eq(students.shortcode, shortcode[0]));

// We allow them to pass even as non-Computing students if they
// exist in the DB. This is done for cases where there is a
// non Computing member on committee who needs access to the
// admin portal, or a non computing member who is eligible to
// be a parent or student, somehow.
if (studentInDb.length == 0 && res.department != 'Computing') {
return ctx.json(
{
error: 'User has no shortcode.'
error: 'You are not a Computing student :('
},
400
403
);
}

Expand All @@ -149,10 +159,6 @@ const auth = factory
ctx.header('Set-Cookie', generateCookieHeader(token, maxAge));

let completedSurvey = false;
const studentInDb = await db
.select()
.from(students)
.where(eq(students.shortcode, shortcode[0]));
if (studentInDb.length == 1 && studentInDb[0]?.completedSurvey)
completedSurvey = true;
else if (studentInDb.length == 0) {
Expand Down

0 comments on commit e55fbcf

Please sign in to comment.