From c29d0af836d48d2516f367c2f8dfa480543eccde Mon Sep 17 00:00:00 2001 From: Marek Baczynski Date: Tue, 13 Nov 2018 18:14:16 +0100 Subject: [PATCH 1/2] main results table width limited --- parts/static/style.css | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/parts/static/style.css b/parts/static/style.css index ff0aa90..c7bf5ea 100644 --- a/parts/static/style.css +++ b/parts/static/style.css @@ -286,6 +286,9 @@ div label input { table#results { width: 100%; + max-width: 1280px; + margin-left: auto; + margin-right: auto; border-collapse: collapse; } @@ -409,7 +412,5 @@ td p { } .results-locations{ - max-width: 1000px; - margin-left: auto; - margin-right: auto; + } \ No newline at end of file From e3f25e76f2b50eed6d32d5b447dfa82fe571ed86 Mon Sep 17 00:00:00 2001 From: Marek Baczynski Date: Tue, 13 Nov 2018 19:12:45 +0100 Subject: [PATCH 2/2] added tracking of who added which part; requires database update though. --- parts/server.py | 35 ++++++++++++++++++++++++----------- 1 file changed, 24 insertions(+), 11 deletions(-) diff --git a/parts/server.py b/parts/server.py index cdcff6f..6f4e4d1 100644 --- a/parts/server.py +++ b/parts/server.py @@ -6,7 +6,7 @@ from functools import wraps from sqlalchemy.sql import select from sqlalchemy.sql import text from flask import Flask -from flask import render_template, send_from_directory, request, Response, send_file +from flask import render_template, send_from_directory, request, Response, send_file, session from PIL import Image, ImageDraw from io import BytesIO from os import listdir @@ -30,12 +30,21 @@ def getContainers(): return containers def check_auth(username, password): - admin_list = [] - with open('edit_admin.json', 'r') as admin: - admin_list = json.load(admin) - for user in admin_list: - if username == user['username']: - return password == user['password'] + query = "select id, password from users where username=:usrnm;" + r = db_engine.execute(text(query), usrnm=username) + results = [] + for row in r: + results.append(dict(row)) + r.close() + if len(results)!=1: + return False; + + if results[0]['password']==password: + session['uid'] = results[0]['id'] + print (session['uid']) + return True + else: + return False def authenticate(): return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'}) @@ -97,7 +106,7 @@ def alterLocation(locationID): if locationID < 0: # New entry s = 'insert into locations (name, container_id) ' - s += 'values (:name, :container);' + s += 'values (:name, :container, :userid);' s = text(s) r = db_engine.execute(s,name=request.form['name'],container=request.form['container']); r.close() @@ -201,8 +210,8 @@ def alter(partID): r = {} if partID < 0: # New entry - s = 'insert into parts (partno, description, datasheet, location_id) ' - s += 'values (:partno, :description, :datasheet, :location_id) returning id;' + s = 'insert into parts (partno, description, datasheet, location_id, whoadded) ' + s += 'values (:partno, :description, :datasheet, :location_id, :user_id) returning id;' s = text(s) if len(request.files) != 0: datasheet_file = request.files['datasheet-file'] @@ -223,7 +232,9 @@ def alter(partID): r = db_engine.execute(s, partno=request.form['partno'], description=request.form['description'], datasheet=datasheet_filename, - location_id=request.form['location_id']) + location_id=request.form['location_id'], + user_id=session['uid'] + ) else: # Modify entry r = db_engine.execute(text('select * from parts where id=:id;'), id=partID) @@ -316,6 +327,8 @@ def connect(user, password, db, host='localhost', port=5432): return con, meta if __name__ == '__main__': + app.secret_key = 'asuiygdiahsdo[ainsfl]asfkjnb;asklnj' + app.config['SESSION_TYPE'] = 'memcached' with open('admin.json') as f: postgres_credentials = json.load(f) db_engine, db_metadata = connect(postgres_credentials['username'], postgres_credentials['password'], 'parts_v2')