|
|
|
@ -6,7 +6,7 @@ from functools import wraps
|
|
|
|
|
from sqlalchemy.sql import select
|
|
|
|
|
from sqlalchemy.sql import text
|
|
|
|
|
from flask import Flask
|
|
|
|
|
from flask import render_template, send_from_directory, request, Response, send_file
|
|
|
|
|
from flask import render_template, send_from_directory, request, Response, send_file, session
|
|
|
|
|
from PIL import Image, ImageDraw
|
|
|
|
|
from io import BytesIO
|
|
|
|
|
from os import listdir
|
|
|
|
@ -30,12 +30,21 @@ def getContainers():
|
|
|
|
|
return containers
|
|
|
|
|
|
|
|
|
|
def check_auth(username, password):
|
|
|
|
|
admin_list = []
|
|
|
|
|
with open('edit_admin.json', 'r') as admin:
|
|
|
|
|
admin_list = json.load(admin)
|
|
|
|
|
for user in admin_list:
|
|
|
|
|
if username == user['username']:
|
|
|
|
|
return password == user['password']
|
|
|
|
|
query = "select id, password from users where username=:usrnm;"
|
|
|
|
|
r = db_engine.execute(text(query), usrnm=username)
|
|
|
|
|
results = []
|
|
|
|
|
for row in r:
|
|
|
|
|
results.append(dict(row))
|
|
|
|
|
r.close()
|
|
|
|
|
if len(results)!=1:
|
|
|
|
|
return False;
|
|
|
|
|
|
|
|
|
|
if results[0]['password']==password:
|
|
|
|
|
session['uid'] = results[0]['id']
|
|
|
|
|
print (session['uid'])
|
|
|
|
|
return True
|
|
|
|
|
else:
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
def authenticate():
|
|
|
|
|
return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'})
|
|
|
|
@ -97,7 +106,7 @@ def alterLocation(locationID):
|
|
|
|
|
if locationID < 0:
|
|
|
|
|
# New entry
|
|
|
|
|
s = 'insert into locations (name, container_id) '
|
|
|
|
|
s += 'values (:name, :container);'
|
|
|
|
|
s += 'values (:name, :container, :userid);'
|
|
|
|
|
s = text(s)
|
|
|
|
|
r = db_engine.execute(s,name=request.form['name'],container=request.form['container']);
|
|
|
|
|
r.close()
|
|
|
|
@ -201,8 +210,8 @@ def alter(partID):
|
|
|
|
|
r = {}
|
|
|
|
|
if partID < 0:
|
|
|
|
|
# New entry
|
|
|
|
|
s = 'insert into parts (partno, description, datasheet, location_id) '
|
|
|
|
|
s += 'values (:partno, :description, :datasheet, :location_id) returning id;'
|
|
|
|
|
s = 'insert into parts (partno, description, datasheet, location_id, whoadded) '
|
|
|
|
|
s += 'values (:partno, :description, :datasheet, :location_id, :user_id) returning id;'
|
|
|
|
|
s = text(s)
|
|
|
|
|
if len(request.files) != 0:
|
|
|
|
|
datasheet_file = request.files['datasheet-file']
|
|
|
|
@ -223,7 +232,9 @@ def alter(partID):
|
|
|
|
|
r = db_engine.execute(s, partno=request.form['partno'],
|
|
|
|
|
description=request.form['description'],
|
|
|
|
|
datasheet=datasheet_filename,
|
|
|
|
|
location_id=request.form['location_id'])
|
|
|
|
|
location_id=request.form['location_id'],
|
|
|
|
|
user_id=session['uid']
|
|
|
|
|
)
|
|
|
|
|
else:
|
|
|
|
|
# Modify entry
|
|
|
|
|
r = db_engine.execute(text('select * from parts where id=:id;'), id=partID)
|
|
|
|
@ -316,6 +327,8 @@ def connect(user, password, db, host='localhost', port=5432):
|
|
|
|
|
return con, meta
|
|
|
|
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
|
app.secret_key = 'asuiygdiahsdo[ainsfl]asfkjnb;asklnj'
|
|
|
|
|
app.config['SESSION_TYPE'] = 'memcached'
|
|
|
|
|
with open('admin.json') as f:
|
|
|
|
|
postgres_credentials = json.load(f)
|
|
|
|
|
db_engine, db_metadata = connect(postgres_credentials['username'], postgres_credentials['password'], 'parts_v2')
|
|
|
|
|