|
|
@ -29,24 +29,24 @@ def getContainers():
|
|
|
|
return containers
|
|
|
|
return containers
|
|
|
|
|
|
|
|
|
|
|
|
def check_auth(username, password):
|
|
|
|
def check_auth(username, password):
|
|
|
|
admin_list = []
|
|
|
|
admin_list = []
|
|
|
|
with open('edit_admin.json', 'r') as admin:
|
|
|
|
with open('edit_admin.json', 'r') as admin:
|
|
|
|
admin_list = json.load(admin)
|
|
|
|
admin_list = json.load(admin)
|
|
|
|
for user in admin_list:
|
|
|
|
for user in admin_list:
|
|
|
|
if username == user['username']:
|
|
|
|
if username == user['username']:
|
|
|
|
return password == user['password']
|
|
|
|
return password == user['password']
|
|
|
|
|
|
|
|
|
|
|
|
def authenticate():
|
|
|
|
def authenticate():
|
|
|
|
return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'})
|
|
|
|
return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'})
|
|
|
|
|
|
|
|
|
|
|
|
def requires_auth(f):
|
|
|
|
def requires_auth(f):
|
|
|
|
@wraps(f)
|
|
|
|
@wraps(f)
|
|
|
|
def decorated(*args, **kwargs):
|
|
|
|
def decorated(*args, **kwargs):
|
|
|
|
auth = request.authorization
|
|
|
|
auth = request.authorization
|
|
|
|
if not auth or not check_auth(auth.username, auth.password):
|
|
|
|
if not auth or not check_auth(auth.username, auth.password):
|
|
|
|
return authenticate()
|
|
|
|
return authenticate()
|
|
|
|
return f(*args, **kwargs)
|
|
|
|
return f(*args, **kwargs)
|
|
|
|
return decorated
|
|
|
|
return decorated
|
|
|
|
|
|
|
|
|
|
|
|
def serveImage(img):
|
|
|
|
def serveImage(img):
|
|
|
|
img_io = BytesIO()
|
|
|
|
img_io = BytesIO()
|
|
|
@ -89,7 +89,7 @@ def locationEditor():
|
|
|
|
return render_template('locationEditor.html', locations=locations, containers=getContainers())
|
|
|
|
return render_template('locationEditor.html', locations=locations, containers=getContainers())
|
|
|
|
|
|
|
|
|
|
|
|
@app.route('/parts/alterLocation/<locationID>', methods=['POST'])
|
|
|
|
@app.route('/parts/alterLocation/<locationID>', methods=['POST'])
|
|
|
|
# @requires_auth
|
|
|
|
@requires_auth
|
|
|
|
def alterLocation(locationID):
|
|
|
|
def alterLocation(locationID):
|
|
|
|
locationID = int(locationID)
|
|
|
|
locationID = int(locationID)
|
|
|
|
s = ''
|
|
|
|
s = ''
|
|
|
@ -193,7 +193,7 @@ def getfile(filename):
|
|
|
|
return send_from_directory('/srv/datasheets/', filename + '.pdf')
|
|
|
|
return send_from_directory('/srv/datasheets/', filename + '.pdf')
|
|
|
|
|
|
|
|
|
|
|
|
@app.route('/parts/alter/<partID>', methods=['POST'])
|
|
|
|
@app.route('/parts/alter/<partID>', methods=['POST'])
|
|
|
|
# @requires_auth
|
|
|
|
@requires_auth
|
|
|
|
def alter(partID):
|
|
|
|
def alter(partID):
|
|
|
|
partID = int(partID)
|
|
|
|
partID = int(partID)
|
|
|
|
s = ''
|
|
|
|
s = ''
|
|
|
@ -212,10 +212,14 @@ def alter(partID):
|
|
|
|
i += 1
|
|
|
|
i += 1
|
|
|
|
datasheet_file.save('/srv/datasheets/' + datasheet_filename)
|
|
|
|
datasheet_file.save('/srv/datasheets/' + datasheet_filename)
|
|
|
|
datasheet_filename = 'http://elab.kth.se/parts/getfile/' + datasheet_filename
|
|
|
|
datasheet_filename = 'http://elab.kth.se/parts/getfile/' + datasheet_filename
|
|
|
|
elif request.form.has_key('datasheet-url'):
|
|
|
|
# elif request.form.has_key('datasheet-url'):
|
|
|
|
datasheet_filename = request.form['datasheet-url']
|
|
|
|
# datasheet_filename = request.form['datasheet-url']
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
datasheet_filename = None
|
|
|
|
try:
|
|
|
|
|
|
|
|
datasheet_filename = request.form['datasheet-url']
|
|
|
|
|
|
|
|
except:
|
|
|
|
|
|
|
|
print('No docs provided')
|
|
|
|
|
|
|
|
datasheet_filename = None
|
|
|
|
r = db_engine.execute(s, partno=request.form['partno'],
|
|
|
|
r = db_engine.execute(s, partno=request.form['partno'],
|
|
|
|
description=request.form['description'],
|
|
|
|
description=request.form['description'],
|
|
|
|
datasheet=datasheet_filename,
|
|
|
|
datasheet=datasheet_filename,
|
|
|
@ -240,10 +244,14 @@ def alter(partID):
|
|
|
|
datasheet_filename = 'http://elab.kth.se/parts/getfile/' + datasheet_filename
|
|
|
|
datasheet_filename = 'http://elab.kth.se/parts/getfile/' + datasheet_filename
|
|
|
|
if l[0]['datasheet'] != None:
|
|
|
|
if l[0]['datasheet'] != None:
|
|
|
|
os.remove('/srv/datasheets/' + l[0]['datasheet'])
|
|
|
|
os.remove('/srv/datasheets/' + l[0]['datasheet'])
|
|
|
|
elif request.form.has_key('datasheet-url'):
|
|
|
|
# elif request.form.has_key('datasheet-url'):
|
|
|
|
datasheet_filename = request.form['datasheet-url']
|
|
|
|
# datasheet_filename = request.form['datasheet-url']
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
datasheet_filename = l[0]['datasheet']
|
|
|
|
try:
|
|
|
|
|
|
|
|
datasheet_filename = request.form['datasheet-url']
|
|
|
|
|
|
|
|
except:
|
|
|
|
|
|
|
|
print('No docs provided')
|
|
|
|
|
|
|
|
datasheet_filename = l[0]['datasheet']
|
|
|
|
s += 'where id=:id returning id;'
|
|
|
|
s += 'where id=:id returning id;'
|
|
|
|
s = text(s)
|
|
|
|
s = text(s)
|
|
|
|
r = db_engine.execute(s, partno=request.form['partno'],
|
|
|
|
r = db_engine.execute(s, partno=request.form['partno'],
|
|
|
|