+
+@app.route("/proxy")
+def proxy():
+ if not may_admin("proxyadmin"):
+ return "Forbidden", 403
+ return render_template('proxy.html', voters=get_voters(), proxies=get_all_proxies(), may_proxyadmin=may_admin("proxyadmin"))
+
+@app.route("/proxy/add", methods=['POST'])
+def add_proxy():
+ if not may_admin("proxyadmin"):
+ return "Forbidden", 403
+ voter=request.form.get("voter", "")
+ proxy=request.form.get("proxy", "")
+ if voter == proxy :
+ return "Error, voter equals proxy.", 400
+ rv = get_db().prepare("SELECT id FROM voter WHERE email=$1")(voter);
+ if len(rv) == 0:
+ return "Error, voter not found.", 400
+ voterid = rv[0].get("id")
+ rv = get_db().prepare("SELECT id FROM voter WHERE email=$1")(proxy);
+ if len(rv) == 0:
+ return "Error, proxy not found.", 400
+ proxyid = rv[0].get("id")
+ rv = get_db().prepare("SELECT id FROM proxy WHERE voter_id=$1 AND revoked is NULL")(voterid);
+ if len(rv) != 0:
+ return "Error, proxy allready given.", 400
+ rv = get_db().prepare("SELECT COUNT(id) as c FROM proxy WHERE proxy_id=$1 AND revoked is NULL GROUP BY proxy_id")(proxyid);
+ if len(rv) != 0:
+ if rv[0].get("c") >= max_proxy:
+ return "Error, Max proxy for '" + proxy + "' reached.", 400
+ rv = get_db().prepare("INSERT INTO proxy(voter_id, proxy_id, granted_by) VALUES ($1,$2,$3)")(voterid, proxyid, g.voter)
+ return rel_redirect("/proxy")
+
+@app.route("/proxy/revoke", methods=['POST'])
+def revoke_proxy():
+ if not may_admin("proxyadmin"):
+ return "Forbidden", 403
+ id=request.form.get("id", "")
+ rv = get_db().prepare("UPDATE proxy SET revoked=CURRENT_TIMESTAMP, revoked_by=$1 WHERE id=$2")(g.voter, int(id))
+ return rel_redirect("/proxy")
+
+@app.route("/proxy/revokeall", methods=['POST'])
+def revoke_proxy_all():
+ if not may_admin("proxyadmin"):
+ return "Forbidden", 403
+ rv = get_db().prepare("UPDATE proxy SET revoked=CURRENT_TIMESTAMP, revoked_by=$1 WHERE revoked IS NULL")(g.voter)
+ return rel_redirect("/proxy")
+