3 files changed, 121 insertions, 2 deletions

diff --git a/pysite/tables.py b/pysite/tables.py
index e7e47215..ad864fee 100644
--- a/pysite/tables.py
+++ b/pysite/tables.py
@@ -44,7 +44,7 @@ TABLES = {
             "info_rst",  # str
             "info_html",  # str
             "number",  # int
-            "participants",  # list[int]
+            "participants",  # list[str]
             "repo",  # str
             "state",  # str
             "task_html",  # str
diff --git a/pysite/views/staff/jams/actions.py b/pysite/views/staff/jams/actions.py
index 059f8969..ba5a66e9 100644
--- a/pysite/views/staff/jams/actions.py
+++ b/pysite/views/staff/jams/actions.py
@@ -6,7 +6,10 @@ from pysite.decorators import csrf, require_roles
 from pysite.mixins import DBMixin
 
 GET_ACTIONS = ["questions"]
-POST_ACTIONS = ["associate_question", "disassociate_question", "infraction", "questions", "state"]
+POST_ACTIONS = [
+    "associate_question", "disassociate_question", "infraction", "questions", "state", "approve_application",
+    "unapprove_application"
+]
 DELETE_ACTIONS = ["infraction", "question"]
 KEYS = ["action"]
 
@@ -21,6 +24,7 @@ class ActionView(APIView, DBMixin):
     forms_table = "code_jam_forms"
     infractions_table = "code_jam_infractions"
     questions_table = "code_jam_questions"
+    responses_table = "code_jam_responses"
 
     @csrf
     @require_roles(*ALL_STAFF_ROLES)
@@ -188,6 +192,69 @@ class ActionView(APIView, DBMixin):
 
             return jsonify({"id": result["generated_keys"][0]})
 
+        if action == "approve_application":
+            app = request.args.get("id")
+
+            if not app:
+                return self.error(
+                    ErrorCodes.incorrect_parameters, "Application ID required"
+                )
+
+            app_obj = self.db.get(self.responses_table, app)
+
+            if not app_obj:
+                return self.error(
+                    ErrorCodes.incorrect_parameters, "Unknown application ID"
+                )
+
+            app_obj["approved"] = True
+
+            self.db.insert(self.responses_table, app_obj, conflict="replace")
+
+            jam_obj = self.db.get(self.table_name, app_obj["jam"])
+
+            snowflake = app_obj["snowflake"]
+            participants = jam_obj.get("participants", [])
+
+            if snowflake not in participants:
+                participants.append(snowflake)
+                jam_obj["participants"] = participants
+                self.db.insert(self.table_name, jam_obj, conflict="replace")
+
+            return jsonify({"result": "success"})
+
+        if action == "unapprove_application":
+            app = request.args.get("id")
+
+            if not app:
+                return self.error(
+                    ErrorCodes.incorrect_parameters, "Application ID required"
+                )
+
+            app_obj = self.db.get(self.responses_table, app)
+
+            if not app_obj:
+                return self.error(
+                    ErrorCodes.incorrect_parameters, "Unknown application ID"
+                )
+
+            app_obj["approved"] = False
+
+            self.db.insert(self.responses_table, app_obj, conflict="replace")
+
+            jam_obj = self.db.get(self.table_name, app_obj["jam"])
+
+            snowflake = app_obj["snowflake"]
+            participants = jam_obj.get("participants", [])
+
+            if snowflake in participants:
+                participants.remove(snowflake)
+                jam_obj["participants"] = participants
+
+                self.db.insert(self.table_name, jam_obj, conflict="replace")
+
+            return jsonify({"result": "success"})
+
     @csrf
     @require_roles(*ALL_STAFF_ROLES)
     def delete(self):
diff --git a/pysite/views/staff/jams/participants.py b/pysite/views/staff/jams/participants.py
new file mode 100644
index 00000000..6b95db76
--- /dev/null
+++ b/pysite/views/staff/jams/participants.py
@@ -0,0 +1,52 @@
+from rethinkdb import ReqlNonExistenceError
+from werkzeug.exceptions import NotFound
+
+from pysite.base_route import RouteView
+from pysite.constants import ALL_STAFF_ROLES
+from pysite.decorators import require_roles
+from pysite.mixins import DBMixin
+
+REQUIRED_KEYS = ["title", "date_start", "date_end"]
+
+
+class StaffView(RouteView, DBMixin):
+    path = "/jams/participants/<int:jam>"
+    name = "jams.participants"
+
+    forms_table = "code_jam_forms"
+    participants_table = "code_jam_participants"
+    questions_table = "code_jam_questions"
+    responses_table = "code_jam_responses"
+    table_name = "code_jams"
+    users_table = "users"
+
+    @require_roles(*ALL_STAFF_ROLES)
+    def get(self, jam: int):
+        try:
+            query = self.db.query(self.table_name).get(jam).merge(
+                lambda jam_obj: {
+                    "participants":
+                        self.db.query(self.responses_table)
+                            .filter({"jam": jam_obj["number"]})
+                            .eq_join("snowflake", self.db.query(self.users_table))
+                            .without({"left": "snowflake"})
+                            .zip()
+                            .coerce_to("array")
+                }
+            )
+
+            jam_data = self.db.run(query)
+        except ReqlNonExistenceError:
+            raise NotFound()
+
+        form_obj = self.db.get(self.forms_table, jam)
+        questions = {}
+
+        if form_obj:
+            for question in form_obj["questions"]:
+                questions[question] = self.db.get(self.questions_table, question)
+
+        return self.render(
+            "staff/jams/participants.html",
+            jam=jam_data, form=form_obj, questions=questions
+        )