From 5939ad64c1ba5beae8bf3a5132eb26ab68815674 Mon Sep 17 00:00:00 2001 From: SimolZimol <70102430+SimolZimol@users.noreply.github.com> Date: Fri, 25 Oct 2024 11:11:42 +0200 Subject: [PATCH] modified: app.py --- app.py | 144 +++++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 100 insertions(+), 44 deletions(-) diff --git a/app.py b/app.py index 6721b77..afd4e32 100644 --- a/app.py +++ b/app.py @@ -90,18 +90,40 @@ def make_discord_session(token=None, state=None): token_updater=token_updater ) -@app.before_request -def load_user_data(): - """Lädt Benutzerdaten vor jeder Anfrage für geschützte Routen.""" + +def is_bot_admin(): + """Überprüft, ob der Benutzer globale Admin-Rechte hat.""" if "discord_user" in session: - g.user_info = session["discord_user"] - g.is_admin = session.get("is_admin", False) - g.guilds = session.get("discord_guilds", []) - else: - # Falls der Benutzer nicht eingeloggt ist, keine Daten setzen - g.user_info = None - g.is_admin = False - g.guilds = [] + user_info = session["discord_user"] + user_id = user_info["id"] + + connection = get_db_connection() + cursor = connection.cursor(dictionary=True) + cursor.execute("SELECT global_permission FROM bot_data WHERE user_id = %s", (user_id,)) + user_data = cursor.fetchone() + + cursor.close() + connection.close() + + return user_data and user_data["global_permission"] >= 8 + return False + +def is_server_admin(guild_id): + """Überprüft, ob der Benutzer Admin-Rechte auf einem bestimmten Server (Guild) hat.""" + if "discord_user" in session: + user_info = session["discord_user"] + user_id = user_info["id"] + + connection = get_db_connection() + cursor = connection.cursor(dictionary=True) + cursor.execute("SELECT permission FROM user_data WHERE user_id = %s AND guild_id = %s", (user_id, guild_id)) + user_data = cursor.fetchone() + + cursor.close() + connection.close() + + return user_data and user_data["permission"] >= 8 + return False @app.route("/") def landing_page(): 
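Review bot: In `is_bot_admin()` and `is_server_admin()` the cursor and connection are closed only on the success path, so an exception from `cursor.execute` leaves the database handle open. The return expression `user_data and user_data[...] >= 8` also yields `None` rather than `False` when no row exists, and would raise `TypeError` if the column can be NULL. Because these helpers make an authorization decision, they should return a strict boolean and release the connection on every path. A `try`/`finally` around the query plus an explicit `None` check covers both, and the same pattern applies to `is_server_admin`.

```python
def is_bot_admin():
    """Überprüft, ob der Benutzer globale Admin-Rechte hat."""
    if "discord_user" not in session:
        return False
    user_id = session["discord_user"]["id"]

    connection = get_db_connection()
    try:
        cursor = connection.cursor(dictionary=True)
        try:
            cursor.execute("SELECT global_permission FROM bot_data WHERE user_id = %s", (user_id,))
            user_data = cursor.fetchone()
        finally:
            cursor.close()
    finally:
        connection.close()

    # Missing row or NULL level means "not an admin"; always return a bool.
    level = user_data["global_permission"] if user_data else None
    return level is not None and level >= 8

# … is_server_admin: same pattern with its own query …
```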
@@ -137,6 +159,17 @@ def login(): session['oauth_state'] = state return redirect(authorization_url) +@app.before_request +def load_user_data(): + """Lädt Benutzerdaten vor jeder Anfrage für geschützte Routen.""" + if "discord_user" in session: + g.user_info = session["discord_user"] + g.is_admin = session.get("is_admin", False) + else: + # Falls der Benutzer nicht eingeloggt ist, keine Daten setzen + g.user_info = None + g.is_admin = False + @app.route("/callback") def callback(): """Verarbeitet den OAuth2-Rückruf von Discord.""" 
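Review bot: `g.is_admin = session.get("is_admin", False)` takes the admin flag from a value kept in the session, presumably written at login, so a user whose `global_permission` is lowered afterwards keeps admin access until the session ends. `global_admin_dashboard` in the last hunk gates on `g.is_admin` alone. This commit adds `is_bot_admin()`, which reads the current value from the database; using it at that gate, `if is_bot_admin():`, makes a revocation take effect at once without a query on every request. The docstring also says the hook serves protected routes, while `before_request` runs for every request, so it should say that it runs before each request.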
@@ -184,42 +217,29 @@ def callback(): print(f"Error in OAuth2 callback: {e}") flash("Ein Fehler ist beim Authentifizierungsprozess aufgetreten.", "danger") return redirect(url_for("landing_page")) + +@app.route("/user_server_data/") +def user_server_data(guild_id): + """Zeigt die serverbezogenen Nutzerdaten für den ausgewählten Server an.""" + if "discord_user" in session: + user_info = session["discord_user"] + user_id = user_info["id"] -@app.route("/user_landing_page") -def user_landing_page(): - """Zeigt die globale Benutzerdaten und die Liste der Server an.""" - if g.user_info: - return render_template("user_landing_page.html") - - return redirect(url_for("landing_page")) - -@app.route("/global_admin_dashboard") -def global_admin_dashboard(): - """Globales Admin-Dashboard nur für globale Admins""" - if g.is_admin: - g.bot_running = bot_status() # Funktion, die den Status des Bots prüft - return render_template("global_admin_dashboard.html") - return redirect(url_for("user_landing_page")) - -@app.route("/user_dashboard/") -def user_dashboard(guild_id): - """Serverbasiertes User-Dashboard""" - if g.user_info: - user_id = g.user_info["id"] - - # Hole die serverbezogenen Nutzerdaten connection = get_db_connection() cursor = connection.cursor(dictionary=True) + # Hole die serverbezogenen Nutzerdaten cursor.execute("SELECT * FROM user_data WHERE user_id = %s AND guild_id = %s", (user_id, guild_id)) - g.user_data = cursor.fetchone() + user_data = cursor.fetchone() cursor.close() connection.close() - if g.user_data: - g.guild_id = guild_id - return render_template("user_dashboard.html") + if user_data: + return render_template("user_server_data.html", user_info=user_info, user_data=user_data, guild_id=guild_id) + else: + flash("Keine Daten für diesen Server gefunden.", "warning") + return redirect(url_for("user_landing_page")) return redirect(url_for("landing_page")) 
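Review bot: `user_server_data` repeats the query and control flow of `user_dashboard` (re-added in the next hunk) almost line for line, differing only in the template and in reading `session["discord_user"]` directly instead of `g.user_info`. Two copies of a per-user lookup tend to drift, and they already disagree on the no-row case: this view flashes and redirects to `user_landing_page`, while the other falls through to `landing_page`. I would move the lookup into one helper, for example `fetch_user_guild_row(user_id, guild_id)`, and use `g.user_info` in both views. `SELECT *` also hands every column of `user_data` to the template; naming the columns the template needs keeps later schema additions from being exposed by accident.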
@@ -237,18 +257,38 @@ def server_admin_dashboard(guild_id): user_data = cursor.fetchone() cursor.execute("SELECT name FROM guilds WHERE guild_id = %s", (guild_id,)) # Nehme an, du speicherst Guild-Infos - g.guild_name = cursor.fetchone()["name"] + guild_name = cursor.fetchone()["name"] cursor.close() connection.close() if user_data and user_data['permission'] >= 8: # Benutzer ist Admin auf diesem Server - g.guild_id = guild_id - return render_template("server_admin_dashboard.html") + return render_template("server_admin_dashboard.html", guild_id=guild_id, guild_name=guild_name) return redirect(url_for("user_landing_page")) +@app.route("/user_dashboard/") +def user_dashboard(guild_id): + """Serverbasiertes User-Dashboard""" + if g.user_info: + user_id = g.user_info["id"] + + # Hole die serverbezogenen Nutzerdaten + connection = get_db_connection() + cursor = connection.cursor(dictionary=True) + + cursor.execute("SELECT * FROM user_data WHERE user_id = %s AND guild_id = %s", (user_id, guild_id)) + user_data = cursor.fetchone() + + cursor.close() + connection.close() + + if user_data: + return render_template("user_dashboard.html", user_info=g.user_info, user_data=user_data, guild_id=guild_id) + + return redirect(url_for("landing_page")) + @app.route("/server_giveaways/") def server_giveaways(guild_id): """Serverbasiertes Giveaway-Management""" 
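Review bot: `guild_name = cursor.fetchone()["name"]` raises `TypeError` when the `guilds` table has no row for `guild_id`. It runs before `cursor.close()` and before the permission test, so the request ends in an unhandled error with the connection still open, even for a caller who would have been refused anyway. Doing the lookup only after the permission check passes and guarding the empty result avoids both: `row = cursor.fetchone()` followed by `guild_name = row["name"] if row else None`. The start of `server_admin_dashboard` lies outside the hunk, so the login check ahead of these lines is assumed, not seen.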
@@ -265,16 +305,32 @@ def server_giveaways(guild_id): if user_data and user_data['permission'] >= 8: # Hole die Giveaways für diesen Server cursor.execute("SELECT * FROM giveaway_data WHERE guild_id = %s", (guild_id,)) - g.giveaways = cursor.fetchall() + giveaways = cursor.fetchall() cursor.close() connection.close() - g.guild_id = guild_id - return render_template("server_giveaways.html") + return render_template("server_giveaways.html", giveaways=giveaways, guild_id=guild_id) return redirect(url_for("user_landing_page")) +@app.route("/user_landing_page") +def user_landing_page(): + """Zeigt die globale Benutzerdaten und die Liste der Server an.""" + if g.user_info and "discord_guilds" in session: + guilds = session["discord_guilds"] + return render_template("user_landing_page.html", user_info=g.user_info, guilds=guilds) + + return redirect(url_for("landing_page")) + +@app.route("/global_admin_dashboard") +def global_admin_dashboard(): + """Globales Admin-Dashboard nur für globale Admins""" + if g.is_admin: + bot_running = bot_status() # Funktion, die den Status des Bots prüft + return render_template("global_admin_dashboard.html", user_info=g.user_info, bot_running=bot_running) + return redirect(url_for("user_landing_page")) + @app.route("/logout") def logout(): """Meldet den Benutzer ab."""
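Review bot: `server_giveaways` still decides access with the inline `user_data['permission'] >= 8`, as does `server_admin_dashboard` in the previous hunk, although this commit adds `is_server_admin(guild_id)` for that same test. The threshold `8` is now written in four places, so a change to the permission model has to be repeated in each of them or one route keeps the old rule. I would define `ADMIN_PERMISSION_LEVEL = 8` once and have both views call `if is_server_admin(guild_id):`. The opening of `server_giveaways` is outside the hunk.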