Fixed datsheet info upload check. NOW WITH TRY-CATCH!

master
Davide Bongiovanni 6 years ago
parent 08b8646374
commit 7098d19225

@ -29,24 +29,24 @@ def getContainers():
return containers return containers
def check_auth(username, password): def check_auth(username, password):
admin_list = [] admin_list = []
with open('edit_admin.json', 'r') as admin: with open('edit_admin.json', 'r') as admin:
admin_list = json.load(admin) admin_list = json.load(admin)
for user in admin_list: for user in admin_list:
if username == user['username']: if username == user['username']:
return password == user['password'] return password == user['password']
def authenticate(): def authenticate():
return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'}) return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'})
def requires_auth(f): def requires_auth(f):
@wraps(f) @wraps(f)
def decorated(*args, **kwargs): def decorated(*args, **kwargs):
auth = request.authorization auth = request.authorization
if not auth or not check_auth(auth.username, auth.password): if not auth or not check_auth(auth.username, auth.password):
return authenticate() return authenticate()
return f(*args, **kwargs) return f(*args, **kwargs)
return decorated return decorated
def serveImage(img): def serveImage(img):
img_io = BytesIO() img_io = BytesIO()
@ -89,7 +89,7 @@ def locationEditor():
return render_template('locationEditor.html', locations=locations, containers=getContainers()) return render_template('locationEditor.html', locations=locations, containers=getContainers())
@app.route('/parts/alterLocation/<locationID>', methods=['POST']) @app.route('/parts/alterLocation/<locationID>', methods=['POST'])
# @requires_auth @requires_auth
def alterLocation(locationID): def alterLocation(locationID):
locationID = int(locationID) locationID = int(locationID)
s = '' s = ''
@ -193,7 +193,7 @@ def getfile(filename):
return send_from_directory('/srv/datasheets/', filename + '.pdf') return send_from_directory('/srv/datasheets/', filename + '.pdf')
@app.route('/parts/alter/<partID>', methods=['POST']) @app.route('/parts/alter/<partID>', methods=['POST'])
# @requires_auth @requires_auth
def alter(partID): def alter(partID):
partID = int(partID) partID = int(partID)
s = '' s = ''
@ -212,10 +212,14 @@ def alter(partID):
i += 1 i += 1
datasheet_file.save('/srv/datasheets/' + datasheet_filename) datasheet_file.save('/srv/datasheets/' + datasheet_filename)
datasheet_filename = 'http://elab.kth.se/parts/getfile/' + datasheet_filename datasheet_filename = 'http://elab.kth.se/parts/getfile/' + datasheet_filename
elif request.form.has_key('datasheet-url'): # elif request.form.has_key('datasheet-url'):
datasheet_filename = request.form['datasheet-url'] # datasheet_filename = request.form['datasheet-url']
else: else:
datasheet_filename = None try:
datasheet_filename = request.form['datasheet-url']
except:
print('No docs provided')
datasheet_filename = None
r = db_engine.execute(s, partno=request.form['partno'], r = db_engine.execute(s, partno=request.form['partno'],
description=request.form['description'], description=request.form['description'],
datasheet=datasheet_filename, datasheet=datasheet_filename,
@ -240,10 +244,14 @@ def alter(partID):
datasheet_filename = 'http://elab.kth.se/parts/getfile/' + datasheet_filename datasheet_filename = 'http://elab.kth.se/parts/getfile/' + datasheet_filename
if l[0]['datasheet'] != None: if l[0]['datasheet'] != None:
os.remove('/srv/datasheets/' + l[0]['datasheet']) os.remove('/srv/datasheets/' + l[0]['datasheet'])
elif request.form.has_key('datasheet-url'): # elif request.form.has_key('datasheet-url'):
datasheet_filename = request.form['datasheet-url'] # datasheet_filename = request.form['datasheet-url']
else: else:
datasheet_filename = l[0]['datasheet'] try:
datasheet_filename = request.form['datasheet-url']
except:
print('No docs provided')
datasheet_filename = l[0]['datasheet']
s += 'where id=:id returning id;' s += 'where id=:id returning id;'
s = text(s) s = text(s)
r = db_engine.execute(s, partno=request.form['partno'], r = db_engine.execute(s, partno=request.form['partno'],

Loading…
Cancel
Save