E-Board Vote v2

Author: tallen42

eboard.go

@@ -0,0 +1,78 @@
+package main
+
+import (
+	"fmt"
+	"net/http"
+	"slices"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+)
+
+var votes map[string]float32
+var voters []string
+
+var OPTIONS = []string{"Pass", "Fail", "Abstain"}
+
+func HandleGetEboardVote(c *gin.Context) {
+	user := getUserData(c)
+	if !slices.Contains(user.Groups, "eboard") {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "You need to be E-Board to access this page"})
+		return
+	}
+	if votes == nil {
+		votes = make(map[string]float32)
+	}
+	fmt.Println(votes)
+	c.HTML(http.StatusOK, "eboard.tmpl", gin.H{
+		"Username": user,
+		"Voted":    slices.Contains(voters, user.Username),
+		"Results":  votes,
+		"Options":  OPTIONS,
+	})
+}
+
+func HandlePostEboardVote(c *gin.Context) {
+	user := getUserData(c)
+	if !slices.Contains(user.Groups, "eboard") {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "You need to be E-Board to access this page"})
+		return
+	}
+	if slices.Contains(voters, user.Username) {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "You cannot vote again!"})
+		return
+	}
+	i := slices.IndexFunc(user.Groups, func(s string) bool {
+		return strings.Contains(s, "eboard-")
+	})
+	if i == -1 {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "You have the eboard group but not an eboard-[position] group. What is wrong with you?"})
+		return
+	}
+	//get the eboard position, count the members, and divide one whole vote by the number of members in the position
+	position := user.Groups[i]
+	positionMembers := oidcClient.GetOIDCGroup(oidcClient.FindOIDCGroupID(position))
+	weight := 1.0 / float32(len(positionMembers))
+	fmt.Println(weight)
+	//post the vote
+	option := c.PostForm("option")
+	if option == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "You need to pick an option"})
+	}
+	votes[option] = votes[option] + weight
+	voters = append(voters, user.Username)
+	c.Redirect(http.StatusFound, "/eboard")
+}
+
+func HandleManageEboardVote(c *gin.Context) {
+	user := getUserData(c)
+	if !slices.Contains(user.Groups, "eboard") {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "You need to be E-Board to access this page"})
+		return
+	}
+	if c.PostForm("clear_vote") != "" {
+		votes = make(map[string]float32)
+		voters = make([]string, 0)
+	}
+	c.Redirect(http.StatusFound, "/eboard")
+}

main.go

@@ -95,12 +95,15 @@ func main() {
 	r.GET("/auth/callback", csh.AuthCallback)
 	r.GET("/auth/logout", csh.AuthLogout)
 
+	r.GET("/eboard", csh.AuthWrapper(HandleGetEboardVote))
+	r.POST("/eboard", csh.AuthWrapper(HandlePostEboardVote))
+	r.POST("/eboard/manage", csh.AuthWrapper(HandleManageEboardVote))
+
 	// TODO: change ALL the response codes to use http.(actual description)
 	r.GET("/", csh.AuthWrapper(func(c *gin.Context) {
-		cl, _ := c.Get("cshauth")
-		claims := cl.(cshAuth.CSHClaims)
 		// This is intentionally left unprotected
 		// A user may be unable to vote but should still be able to see a list of polls
+		user := getUserData(c)
 
 		polls, err := database.GetOpenPolls(c)
 		if err != nil {
@@ -111,27 +114,11 @@ func main() {
 			return polls[i].Id > polls[j].Id
 		})
 
-		closedPolls, err := database.GetClosedVotedPolls(c, claims.UserInfo.Username)
-		if err != nil {
-			c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
-			return
-		}
-		ownedPolls, err := database.GetClosedOwnedPolls(c, claims.UserInfo.Username)
-		if err != nil {
-			c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
-			return
-		}
-		closedPolls = append(closedPolls, ownedPolls...)
-
-		sort.Slice(closedPolls, func(i, j int) bool {
-			return closedPolls[i].Id > closedPolls[j].Id
-		})
-		closedPolls = uniquePolls(closedPolls)
-
 		c.HTML(http.StatusOK, "index.tmpl", gin.H{
 			"Polls":    polls,
-			"Username": claims.UserInfo.Username,
-			"FullName": claims.UserInfo.FullName,
+			"Username": user.Username,
+			"FullName": user.FullName,
+			"EBoard":   slices.Contains(user.Groups, "eboard"),
 		})
 	}))
 
@@ -598,6 +585,12 @@ func canVote(user cshAuth.CSHUserInfo, poll database.Poll, allowedUsers []string
 	return 0
 }
 
+func getUserData(c *gin.Context) cshAuth.CSHUserInfo {
+	cl, _ := c.Get("cshauth")
+	user := cl.(cshAuth.CSHClaims).UserInfo
+	return user
+}
+
 func uniquePolls(polls []*database.Poll) []*database.Poll {
 	var unique []*database.Poll
 	for _, poll := range polls {

templates/eboard.tmpl

@@ -1,15 +1,52 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
-    <title>CSH Vote</title>
-    <!-- <link rel="stylesheet" href="https://themeswitcher.csh.rit.edu/api/get" /> -->
-    <link rel="stylesheet" href="https://assets.csh.rit.edu/csh-material-bootstrap/4.6.2/dist/csh-material-bootstrap.min.css" media="screen">
+  <title>CSH Vote</title>
+  <link rel="stylesheet"
+        href="https://assets.csh.rit.edu/csh-material-bootstrap/4.6.2/dist/csh-material-bootstrap.min.css"
+        media="screen">
 
-    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.13.1/font/bootstrap-icons.min.css">
+  <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.13.1/font/bootstrap-icons.min.css">
 
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
 </head>
 <body>
 {{ template "nav" . }}
+<div class="container main p-5">
+  <h2>E-Board Vote</h2>
+  <div class="row">
+    <div class="col-md-8">
+      {{ if .Voted }}
+        {{ range $option, $count := .Results }}
+          <div id="{{ $option }}" style="font-size: 1.25rem; line-height: 1.25">
+              {{ $option }}: {{ $count }}
+          </div>
+          <br/>
+        {{ end }}
+      {{ else }}
+        <form method="POST">
+          {{ range $i, $option := .Options }}
+            <div class="form-check">
+              <input class="form-check-input" type="radio" name="option"
+                     id="{{ $option }}"
+                     value="{{ $option }}" required/>
+              <label style="font-size: 1.25rem; line-height: 1.25; padding-left: 4px;"
+                     class="form-check-label"
+                     for="{{ $option }}">{{ $option }}</label>
+            </div>
+            <br/>
+          {{ end }}
+          <button type="submit" class="btn btn-primary">Submit</button>
+        </form>
+      {{ end }}
+    </div>
+    <div class="col-md-4">
+      <form action="/eboard/manage" method="POST" onsubmit="location.reload()">
+        <input class="d-none" name="clear_vote" value="true">
+        <button type="submit" class="btn btn-warning">Clear Votes</button>
+      </form>
+    </div>
+  </div>
+</div>
 </body>
-</html>
+</html>

templates/nav.tmpl

@@ -1,24 +1,27 @@
 {{ define "nav" }}
-<nav class="navbar navbar-expand-lg navbar-dark bg-primary">
+  <nav class="navbar navbar-expand-lg navbar-dark bg-primary">
     <div class="container">
-        <a class="navbar-brand" href="/">Vote</a>
+      <a class="navbar-brand" href="/">Vote</a>
 
-        <button class="navbar-toggler collapsed" type="button" data-toggle="collapse" data-target="#navbar"
-                    aria-controls="navbar" aria-expanded="false" aria-label="Toggle navigation">
-            <span class="navbar-toggler-icon"></span>
-        </button>  
-        <div id="navbar" class="collapse navbar-collapse">
-            <a class="nav-item nav-link text-light" href="/"><i class="bi bi-exclamation-circle-fill"></i> Open Polls</a>
-            <a class="nav-item nav-link text-light" href="/closed"><i class="bi bi-archive-fill"></i> Closed Polls</a>
-            <a class="nav-item nav-link text-light" href="/create"><i class="bi bi-plus-circle-fill"></i> Create Poll</a>
-            <div class="nav navbar-nav ml-auto">
-                <div class="navbar-user">
-                    <img src="https://profiles.csh.rit.edu/image/{{ .Username }}" />
-                    <span class="text-light">{{ .FullName }}</span>
-                    <a href="/auth/logout" style="color: #c3c3c3;"><i>(logout)</i></a>
-                </div>
-            </div>
+      <button class="navbar-toggler collapsed" type="button" data-toggle="collapse" data-target="#navbar"
+              aria-controls="navbar" aria-expanded="false" aria-label="Toggle navigation">
+        <span class="navbar-toggler-icon"></span>
+      </button>
+      <div id="navbar" class="collapse navbar-collapse">
+        <a class="nav-item nav-link text-light" href="/"><i class="bi bi-exclamation-circle-fill"></i> Open Polls</a>
+        <a class="nav-item nav-link text-light" href="/closed"><i class="bi bi-archive-fill"></i> Closed Polls</a>
+        <a class="nav-item nav-link text-light" href="/create"><i class="bi bi-plus-circle-fill"></i> Create Poll</a>
+          {{ if .EBoard }}
+            <a class="nav-item nav-link text-light" href="/eboard"> E-Board</a>
+          {{ end }}
+        <div class="nav navbar-nav ml-auto">
+          <div class="navbar-user">
+            <img src="https://profiles.csh.rit.edu/image/{{ .Username }}" />
+            <span class="text-light">{{ .FullName }}</span>
+            <a href="/auth/logout" style="color: #c3c3c3;"><i>(logout)</i></a>
+          </div>
         </div>
+      </div>
     </div>
 
     <script>
@@ -31,6 +34,6 @@
             });
         });
     </script>
-</nav>
+  </nav>
 
 {{ end }}

users.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	"encoding/json"
+	"fmt"
 	"io"
 	"net/http"
 	"net/url"
@@ -29,6 +30,8 @@ type OIDCUser struct {
 	SlackUID string `json:"slackuid"`
 }
 
+var groupCache map[string]string
+
 func (client *OIDCClient) setupOidcClient(oidcClientId, oidcClientSecret string) {
 	client.oidcClientId = oidcClientId
 	client.oidcClientSecret = oidcClientSecret
@@ -37,6 +40,7 @@ func (client *OIDCClient) setupOidcClient(oidcClientId, oidcClientSecret string)
 		logging.Logger.WithFields(logrus.Fields{"method": "setupOidcClient"}).Error(err)
 		return
 	}
+	groupCache = make(map[string]string)
 	client.providerBase = parse.Scheme + "://" + parse.Host
 	exp := client.getAccessToken()
 	ticker := time.NewTicker(time.Duration(exp) * time.Second)
@@ -94,6 +98,45 @@ func (client *OIDCClient) GetEBoard() []OIDCUser {
 	return client.GetOIDCGroup("47dd1a94-853c-426d-b181-6d0714074892")
 }
 
+func (client *OIDCClient) FindOIDCGroupID(name string) string {
+	if groupCache[name] != "" {
+		return groupCache[name]
+	}
+	htclient := &http.Client{}
+	//active
+	req, err := http.NewRequest("GET", client.providerBase+"/auth/admin/realms/csh/groups?exact=true&search="+name, nil)
+	if err != nil {
+		logging.Logger.WithFields(logrus.Fields{"method": "FindOIDCGroupID"}).Error(err)
+		return ""
+	}
+	req.Header.Add("Authorization", "Bearer "+client.accessToken)
+	resp, err := htclient.Do(req)
+	if err != nil {
+		logging.Logger.WithFields(logrus.Fields{"method": "FindOIDCGroupID"}).Error(err)
+		return ""
+	}
+	defer resp.Body.Close()
+	ret := make([]map[string]any, 0)
+	err = json.NewDecoder(resp.Body).Decode(&ret)
+	if err != nil {
+		logging.Logger.WithFields(logrus.Fields{"method": "FindOIDCGroupID"}).Error(err)
+		return ""
+	}
+	//Example:
+	//[{"id":"47dd1a94-853c-426d-b181-6d0714074892","name":"eboard","path":"/eboard","subGroups":[{"id":"66b9578a-2b58-46a6-8040-59388e57e830","name":"eboard-opcomm","path":"/eboard/eboard-opcomm","subGroups":[]}]}]
+	//it returns as an array for SOME reason, so we cut to the group we want
+	group := ret[0]
+	// and now we have SUBgroups, so we do this fucked parse
+	subGroups := group["subGroups"].([]any)
+	fmt.Println(subGroups)
+	subGroup := subGroups[0].(map[string]interface{})
+	fmt.Println(subGroup)
+	gid := subGroup["id"].(string)
+	groupCache[name] = gid
+	return gid
+
+}
+
 func (client *OIDCClient) GetOIDCGroup(groupID string) []OIDCUser {
 	htclient := &http.Client{}
 	//active