- add selfmanagement

2016-07-09 10:47:39 +02:00
parent 690f7e8996
commit dc3cdfbc0b
4 changed files with 67 additions and 1 deletions
--- a/app/database.py
+++ b/app/database.py
@@ -160,7 +160,7 @@ def add_rfid_id(rfid_id, userid):

 def update_user(u):
    #query_db("UPDATE users SET (NAME, LONGNAME, EMAIL, RFID_ID, ISBLACK, ISBARON, ISSHOWN) VALUES (?, ?, ?, ?, ?, ?, ?) WHERE ID=?", (u.name, u.longname, u.email, u.rfid_id, u.isblack, u.isbaron, u.isshown, u.id))
-    query_db("UPDATE users SET NAME=?, LONGNAME=?, EMAIL=?, ISBLACK=?, ISBARON=?, ISSHOWN=?, AUTOBLACK=?, ONLYRFID=? WHERE ID=?", (u.name, u.longname, u.email, u.isblack, u.isbaron, u.isshown, u.autoblack, u.onlyrfid ,u.id))
+    query_db("UPDATE users SET NAME=?, LONGNAME=?, EMAIL=?, PASSWORD=?, ISBLACK=?, ISBARON=?, ISSHOWN=?, AUTOBLACK=?, ONLYRFID=? WHERE ID=?", (u.name, u.longname, u.email, u.password, u.isblack, u.isbaron, u.isshown, u.autoblack, u.onlyrfid ,u.id))
    set_rfid_to_userid(u.rfid_id, u.id)
    get_db().commit()

--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -29,6 +29,7 @@
 		<a href="/logout"><div class="item" style="float:right;">Logout</div></a>
 		<a href="/consume"><div class="item">Konsumieren</div></a>
 		<a href="/personal"><div class="item">Personal</div></a>
+		<a href="/selfmanagement"><div class="item">Einstellungen</div></a>
 		{% if user.isbaron %}
 		<a href="/billing"><div class="item">Billing</div></a>
 		<a href="/manage_beverages"><div class="item">Konsumatverwaltung</div></a>
--- a/app/templates/selfmanagement.html
+++ b/app/templates/selfmanagement.html
@@ -0,0 +1,24 @@
+{% extends "base.html"%}
+{% set title = "Konsumentenverwaltung" %}
+{% block content %}
+	<h1> Einstellungen ändern </h1>
+		{% if success %}
+		<p>{{ success }}</p>
+		{% endif %}
+	<form name="user" method="post" action="/selfmanagement">
+		Die Euml ID wird angezeigt wenn du ein unbekanntes RFID Tag an den RFID reader hältst.
+		<br>Euml ID (falls mehrere durch ; trennen):<br><input type="text" name=rfid_id value="{{ user.rfid_id }}"><br>
+		<br>
+		Falls du nicht in der Liste am touchscreen angezeigt werden willst, musst du hier ein Kreuz setzen.
+		<br>Nur RFID-kreuzen <input type="checkbox" name="onlyrfid" {% if user.onlyrfid %} checked {% endif %} /><br>
+
+		<br>
+		Falls du ein neues Passwort eingibts wird dieses geändert.
+		Neues Passwort:<br><input type="password" name=password1 placeholder="Password"><br>
+		Neues Passwort wiederholen:<br><input type="password" name=password2 placeholder="Password"><br>
+		<br>
+		Du musst für jede Änderung dein aktuelles Passwort eingeben.
+		Neues Passwort wiederholen:<br><input type="password" name=password_old required placeholder="Password"><br>
+		<input type="submit" value="Hinzufügen">
+	</form>
+{% endblock %}
--- a/app/views.py
+++ b/app/views.py
@@ -153,6 +153,9 @@ def manage_users_edit(name=None):
        else:
            u.onlyrfid = False

+        u2 = get_user_by_id(u.id)
+        u.password = u2.password
+
        update_user(u)

        return redirect('/manage_users')
@@ -345,6 +348,44 @@ def send_mass_mail(name=None):
        return render_template('billing_mass_mail.html', user=get_user_by_name(session.get('name')))


+@app.route('/selfmanagement', methods=['GET', 'POST'])
+@requires_login
+def selfmanagement():
+    if request.method == 'POST':
+        u = get_user_by_name(session.get('name'))
+        if not bcrypt.checkpw(request.form['password_old'], u.password):
+            success = "Passwort falsch!"
+        else:
+            if ('password1' in request.form) & ('password2' in request.form):
+                if request.form['password1'] == request.form['password2']:
+                    u.password = bcrypt.hashpw(request.form['password1'], bcrypt.gensalt())
+
+                    u.rfid_id = request.form['rfid_id']
+
+                    if 'onlyrfid' in request.form:
+                        u.onlyrfid = True
+                    else:
+                        u.onlyrfid = False
+                    update_user(u)
+                    success = u'Einstellungen wurden übernommen!'
+                else:
+                    success = u'Neue Passwörter stimmen nicht überein!'
+            else:
+                u.rfid_id = request.form['rfid_id']
+
+                if 'onlyrfid' in request.form:
+                    u.onlyrfid = True
+                else:
+                    u.onlyrfid = False
+
+                update_user(u)
+                success = u'Einstellungen wurden übernommen!'
+
+        return render_template('selfmanagement.html', success=success, user=get_user_by_name(session.get('name')))
+
+    if request.method == 'GET':
+        return render_template('selfmanagement.html', user=get_user_by_name(session.get('name')))
+
 #migrate the db to hashed passwords
 #@app.route('/hashdb')
 #@requires_baron