added tracking of who added which part; requires database update though.

pull/3/head
Marek Baczynski 6 years ago
parent e5f6341d4e
commit e3f25e76f2

@ -6,7 +6,7 @@ from functools import wraps
from sqlalchemy.sql import select from sqlalchemy.sql import select
from sqlalchemy.sql import text from sqlalchemy.sql import text
from flask import Flask from flask import Flask
from flask import render_template, send_from_directory, request, Response, send_file from flask import render_template, send_from_directory, request, Response, send_file, session
from PIL import Image, ImageDraw from PIL import Image, ImageDraw
from io import BytesIO from io import BytesIO
from os import listdir from os import listdir
@ -30,12 +30,21 @@ def getContainers():
return containers return containers
def check_auth(username, password): def check_auth(username, password):
admin_list = [] query = "select id, password from users where username=:usrnm;"
with open('edit_admin.json', 'r') as admin: r = db_engine.execute(text(query), usrnm=username)
admin_list = json.load(admin) results = []
for user in admin_list: for row in r:
if username == user['username']: results.append(dict(row))
return password == user['password'] r.close()
if len(results)!=1:
return False;
if results[0]['password']==password:
session['uid'] = results[0]['id']
print (session['uid'])
return True
else:
return False
def authenticate(): def authenticate():
return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'}) return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'})
@ -97,7 +106,7 @@ def alterLocation(locationID):
if locationID < 0: if locationID < 0:
# New entry # New entry
s = 'insert into locations (name, container_id) ' s = 'insert into locations (name, container_id) '
s += 'values (:name, :container);' s += 'values (:name, :container, :userid);'
s = text(s) s = text(s)
r = db_engine.execute(s,name=request.form['name'],container=request.form['container']); r = db_engine.execute(s,name=request.form['name'],container=request.form['container']);
r.close() r.close()
@ -201,8 +210,8 @@ def alter(partID):
r = {} r = {}
if partID < 0: if partID < 0:
# New entry # New entry
s = 'insert into parts (partno, description, datasheet, location_id) ' s = 'insert into parts (partno, description, datasheet, location_id, whoadded) '
s += 'values (:partno, :description, :datasheet, :location_id) returning id;' s += 'values (:partno, :description, :datasheet, :location_id, :user_id) returning id;'
s = text(s) s = text(s)
if len(request.files) != 0: if len(request.files) != 0:
datasheet_file = request.files['datasheet-file'] datasheet_file = request.files['datasheet-file']
@ -223,7 +232,9 @@ def alter(partID):
r = db_engine.execute(s, partno=request.form['partno'], r = db_engine.execute(s, partno=request.form['partno'],
description=request.form['description'], description=request.form['description'],
datasheet=datasheet_filename, datasheet=datasheet_filename,
location_id=request.form['location_id']) location_id=request.form['location_id'],
user_id=session['uid']
)
else: else:
# Modify entry # Modify entry
r = db_engine.execute(text('select * from parts where id=:id;'), id=partID) r = db_engine.execute(text('select * from parts where id=:id;'), id=partID)
@ -316,6 +327,8 @@ def connect(user, password, db, host='localhost', port=5432):
return con, meta return con, meta
if __name__ == '__main__': if __name__ == '__main__':
app.secret_key = 'asuiygdiahsdo[ainsfl]asfkjnb;asklnj'
app.config['SESSION_TYPE'] = 'memcached'
with open('admin.json') as f: with open('admin.json') as f:
postgres_credentials = json.load(f) postgres_credentials = json.load(f)
db_engine, db_metadata = connect(postgres_credentials['username'], postgres_credentials['password'], 'parts_v2') db_engine, db_metadata = connect(postgres_credentials['username'], postgres_credentials['password'], 'parts_v2')

Loading…
Cancel
Save