diff --git a/parts/server.py b/parts/server.py index 06399fd..bdf2db0 100644 --- a/parts/server.py +++ b/parts/server.py @@ -29,24 +29,24 @@ def getContainers(): return containers def check_auth(username, password): - admin_list = [] - with open('edit_admin.json', 'r') as admin: - admin_list = json.load(admin) - for user in admin_list: - if username == user['username']: - return password == user['password'] + admin_list = [] + with open('edit_admin.json', 'r') as admin: + admin_list = json.load(admin) + for user in admin_list: + if username == user['username']: + return password == user['password'] def authenticate(): - return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'}) + return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'}) def requires_auth(f): - @wraps(f) - def decorated(*args, **kwargs): - auth = request.authorization - if not auth or not check_auth(auth.username, auth.password): - return authenticate() - return f(*args, **kwargs) - return decorated + @wraps(f) + def decorated(*args, **kwargs): + auth = request.authorization + if not auth or not check_auth(auth.username, auth.password): + return authenticate() + return f(*args, **kwargs) + return decorated def serveImage(img): img_io = BytesIO() @@ -89,7 +89,7 @@ def locationEditor(): return render_template('locationEditor.html', locations=locations, containers=getContainers()) @app.route('/parts/alterLocation/', methods=['POST']) -# @requires_auth +@requires_auth def alterLocation(locationID): locationID = int(locationID) s = '' @@ -193,7 +193,7 @@ def getfile(filename): return send_from_directory('/srv/datasheets/', filename + '.pdf') @app.route('/parts/alter/', methods=['POST']) -# @requires_auth +@requires_auth def alter(partID): partID = int(partID) s = '' @@ -212,10 +212,14 @@ def alter(partID): i += 1 datasheet_file.save('/srv/datasheets/' + datasheet_filename) datasheet_filename = 'http://elab.kth.se/parts/getfile/' + datasheet_filename - elif request.form.has_key('datasheet-url'): - datasheet_filename = request.form['datasheet-url'] + # elif request.form.has_key('datasheet-url'): + # datasheet_filename = request.form['datasheet-url'] else: - datasheet_filename = None + try: + datasheet_filename = request.form['datasheet-url'] + except: + print('No docs provided') + datasheet_filename = None r = db_engine.execute(s, partno=request.form['partno'], description=request.form['description'], datasheet=datasheet_filename, @@ -240,10 +244,14 @@ def alter(partID): datasheet_filename = 'http://elab.kth.se/parts/getfile/' + datasheet_filename if l[0]['datasheet'] != None: os.remove('/srv/datasheets/' + l[0]['datasheet']) - elif request.form.has_key('datasheet-url'): - datasheet_filename = request.form['datasheet-url'] + # elif request.form.has_key('datasheet-url'): + # datasheet_filename = request.form['datasheet-url'] else: - datasheet_filename = l[0]['datasheet'] + try: + datasheet_filename = request.form['datasheet-url'] + except: + print('No docs provided') + datasheet_filename = l[0]['datasheet'] s += 'where id=:id returning id;' s = text(s) r = db_engine.execute(s, partno=request.form['partno'],