406 lines
14 KiB
Python
406 lines
14 KiB
Python
# -*- coding: utf-8 -*-
|
|
|
|
from check_rights import *
|
|
from flask import render_template, request, redirect, session, send_from_directory
|
|
from app import app
|
|
from database import *
|
|
from plot import *
|
|
from user import User
|
|
from fridge import Fridge, Sensor
|
|
from product import Product
|
|
from send_email import send_email, send_emails, parse_email
|
|
from consumption import Consumption
|
|
import bcrypt
|
|
import os
|
|
from settings import *
|
|
import time
|
|
|
|
# makes the variable timehex available in all templates
|
|
@app.context_processor
|
|
def inject_time():
|
|
return dict(timestamp=time.time().__int__())
|
|
|
|
@app.route('/static/<path:path>')
|
|
def static_proxy(path):
|
|
return send_from_directory('./static/', path)
|
|
|
|
|
|
@app.route('/')
|
|
@app.route('/index')
|
|
def index():
|
|
consumed = get_consumed()
|
|
#plot_total()
|
|
#plot_list(4)
|
|
#generate_test_users()
|
|
#generate_test_consumptions()
|
|
return render_template("index.html", consumed=consumed, user=get_user_by_name(session.get('name')))
|
|
|
|
|
|
@app.route('/login', methods=['POST', 'GET'])
|
|
def login():
|
|
error = None
|
|
|
|
if 'name' in session: #check if usr is already logged in
|
|
return redirect('/')
|
|
|
|
if request.method == 'POST':
|
|
u = User()
|
|
u.name = request.form['username'].lower()
|
|
|
|
u = get_user(u)
|
|
|
|
if u is None:
|
|
error = 'User does not exist!'
|
|
return render_template('login.html', error=error, user=get_user_by_name(session.get('name')))
|
|
#if u.password != request.form['password']:
|
|
# bcrypt.checkpy(plaintxt, hash)
|
|
if not bcrypt.checkpw(request.form['password'], u.password):
|
|
error = 'Wrong password!'
|
|
return render_template('login.html', error=error, user=get_user_by_name(session.get('name')))
|
|
|
|
session['name'] = u.name
|
|
return redirect('/')
|
|
|
|
return render_template('login.html', error=error, user=get_user_by_name(session.get('name')))
|
|
|
|
|
|
@app.route('/logout')
|
|
@requires_login
|
|
def logout():
|
|
session.pop('name', None)
|
|
return redirect('/')
|
|
|
|
|
|
@app.route('/fridges')
|
|
def fridges():
|
|
return render_template('fridges.html', fridges=settings.fridges, user=get_user_by_name(session.get('name')))
|
|
|
|
|
|
@app.route('/manage_users')
|
|
@requires_baron
|
|
def manage_users():
|
|
users = get_users()
|
|
return render_template('manage_users.html', users=users, user=get_user_by_name(session.get('name')))
|
|
|
|
|
|
@app.route('/manage_users/add', methods=['POST', 'GET'])
|
|
@requires_baron
|
|
def manage_users_add():
|
|
if request.method == 'POST':
|
|
u = User()
|
|
error = None
|
|
u.name = request.form['username'].lower()
|
|
if u.name is None:
|
|
error = "Username not unique!"
|
|
|
|
if request.form['password1'] == request.form['password2']:
|
|
#u.password = request.form['password1']
|
|
u.password = bcrypt.hashpw(request.form['password1'], bcrypt.gensalt())
|
|
else:
|
|
error = "Passwords do not match!"
|
|
u.longname = request.form['longname']
|
|
u.email = request.form['email']
|
|
u.rfid_id = request.form['rfid_id']
|
|
|
|
if error is None:
|
|
add_user(u)
|
|
return render_template('manage_users_add.html', success="User created!", user=get_user_by_name(session.get('name')));
|
|
|
|
return render_template('manage_users_add.html', error=error, user=get_user_by_name(session.get('name')))
|
|
return render_template('manage_users_add.html', user=get_user_by_name(session.get('name')))
|
|
|
|
|
|
@app.route('/manage_users/edit', methods=['POST'])
|
|
@app.route('/manage_users/edit/<name>', methods=['GET'])
|
|
@requires_baron
|
|
def manage_users_edit(name=None):
|
|
if request.method == 'GET':
|
|
error = None
|
|
u = User()
|
|
u.name = name
|
|
u = get_user(u)
|
|
|
|
if u is None:
|
|
error = "User existiert nicht"
|
|
|
|
return render_template('manage_users_edit.html', user_to_edit=u, error=error, user=get_user_by_name(session.get('name')))
|
|
|
|
if request.method == 'POST':
|
|
u = User()
|
|
#print request.form
|
|
u.id = request.form['id']
|
|
u.name = request.form['username'].lower()
|
|
u.longname=request.form['longname']
|
|
u.email = request.form['email']
|
|
u.rfid_id = request.form['rfid_id']
|
|
|
|
if 'isblack' in request.form:
|
|
u.isblack = True
|
|
else:
|
|
u.isblack = False
|
|
|
|
if 'isbaron' in request.form:
|
|
u.isbaron = True
|
|
else:
|
|
u.isbaron = False
|
|
|
|
if 'isshown' in request.form:
|
|
u.isshown = True
|
|
else:
|
|
u.isshown = False
|
|
|
|
if 'autoblack' in request.form:
|
|
u.autoblack = True
|
|
else:
|
|
u.autoblack = False
|
|
|
|
if 'onlyrfid' in request.form:
|
|
u.onlyrfid = True
|
|
else:
|
|
u.onlyrfid = False
|
|
|
|
u2 = get_user_by_id(u.id)
|
|
u.password = u2.password
|
|
|
|
update_user(u)
|
|
|
|
return redirect('/manage_users')
|
|
|
|
|
|
@app.route('/manage_beverages')
|
|
@requires_baron
|
|
def manage_beverages():
|
|
products = get_products()
|
|
return render_template('manage_beverages.html', products=products, user=get_user_by_name(session.get('name')))
|
|
|
|
|
|
@app.route('/manage_beverages/edit', methods=['POST'])
|
|
@app.route('/manage_beverages/edit/<name>', methods=['GET'])
|
|
@requires_baron
|
|
def manage_beverages_edit(name=None):
|
|
if request.method == 'GET':
|
|
error = None
|
|
p = get_product_by_name(name)
|
|
|
|
if p is None:
|
|
error = "Product existiert nicht"
|
|
|
|
return render_template('manage_beverages_edit.html', product_to_edit=p, error=error, user=get_user_by_name(session.get('name')))
|
|
|
|
if request.method == 'POST':
|
|
p = Product()
|
|
#print request.form
|
|
p.id = request.form['id']
|
|
p.name = request.form['name']
|
|
p.price = float(request.form['price'])
|
|
|
|
if 'isshown' in request.form:
|
|
p.isshown = True
|
|
else:
|
|
p.isshown = False
|
|
|
|
pic = request.files['file']
|
|
if pic:
|
|
extension = pic.filename.rsplit('.', 1)[1].lower()
|
|
if extension == "png" or extension == "jpg":
|
|
pic.seek(0) # Move cursor back to beginning so we can write to disk
|
|
fpath = os.path.join("./app/static/", "product_%s.png" % p.name)
|
|
pic.save(fpath)
|
|
|
|
update_product(p)
|
|
|
|
# update_user(u)
|
|
|
|
return redirect('/manage_beverages')
|
|
|
|
|
|
@app.route('/manage_beverages/add', methods=['POST', 'GET'])
|
|
@requires_baron
|
|
def manage_beverages_add():
|
|
if request.method == 'POST':
|
|
p = Product()
|
|
error = None
|
|
logging.info(request)
|
|
p.name = request.form['name']
|
|
#if request.form['price'].isnumeric():
|
|
p.price = float(request.form['price'])
|
|
#else:
|
|
# error = "Preis muss eine Nummer sein."
|
|
|
|
if 'isshown' in request.form:
|
|
p.isshown = True
|
|
else:
|
|
p.isshown = False
|
|
|
|
pic = request.files['file']
|
|
logging.info(pic.filename)
|
|
if pic:
|
|
extension = pic.filename.rsplit('.', 1)[1].lower()
|
|
logging.info(extension)
|
|
if extension == "png" or extension == "jpg":
|
|
pic.seek(0) # Move cursor back to beginning so we can write to disk
|
|
fpath = os.path.join("./app/static/", "product_%s.png" % p.name)
|
|
pic.save(fpath)
|
|
|
|
if error is None:
|
|
add_product(p)
|
|
return render_template('manage_beverages_add.html', success="Konsumat hinzugefuegt.", user=get_user_by_name(session.get('name')))
|
|
|
|
return render_template('manage_beverages_add.html', error=error, user=get_user_by_name(session.get('name')))
|
|
return render_template('manage_beverages_add.html', user=get_user_by_name(session.get('name')))
|
|
|
|
|
|
@app.route('/consume')
|
|
@requires_login
|
|
def consume():
|
|
products = get_products()
|
|
message = []
|
|
prodid = request.args.get('prodid')
|
|
if prodid is not None:
|
|
prod = get_product_by_id(prodid)
|
|
username = session.get('name')
|
|
add_consume(username, prod.id)
|
|
message = "Du hast gerade ein %s konsumiert." % prod.name
|
|
plot_all_thread(get_user_by_name(session.get('name')))
|
|
return render_template('consume.html', products=products, message=message, user=get_user_by_name(session.get('name')))
|
|
|
|
@app.route('/personal')
|
|
@requires_login
|
|
def personal():
|
|
name = session.get('name')
|
|
user=get_user_by_name(name)
|
|
|
|
consumed = get_consumed(name)
|
|
owed = 0
|
|
for consumption in consumed:
|
|
owed += consumption.price
|
|
|
|
deposits = get_deposits(user.id)
|
|
deposited = 0
|
|
for deposit in deposits:
|
|
deposited += deposit.amount
|
|
|
|
return render_template('personal.html', user=user, consumed=consumed,
|
|
products=get_products(), deposits=deposits, deposited=deposited, owed=owed)
|
|
|
|
@app.route('/billing', methods=['POST', 'GET'])
|
|
@requires_baron
|
|
def billing():
|
|
users = get_users()
|
|
|
|
if request.method == 'POST':
|
|
for user in users:
|
|
formname = "%s_payed" % user.name
|
|
if formname in request.form:
|
|
# add payment here
|
|
payment = float(request.form[formname])
|
|
if payment != 0:
|
|
add_deposit(user.name, payment)
|
|
logging.info("%s payed %d" % (user.name, payment))
|
|
debt = [0 for user in users]
|
|
users = get_users() # refresh users for correct viewing of autounblacking
|
|
for user in users:
|
|
debt[user.id-1] = get_debt(user.name)
|
|
|
|
return render_template('billing.html', users=users, success="Writing to database is not implemented", debt=debt, user=get_user_by_name(session.get('name')))
|
|
if request.method == 'GET':
|
|
debt = [0 for user in users]
|
|
for user in users:
|
|
debt[user.id-1] = get_debt(user.name)
|
|
return render_template('billing.html', users=users, debt=debt, user=get_user_by_name(session.get('name')))
|
|
|
|
|
|
@app.route('/billing/send_personal_bill/<name>', methods=['GET', 'POST'])
|
|
@requires_baron
|
|
def send_personal_bill(name=None):
|
|
if request.method == 'POST':
|
|
users = get_users()
|
|
u = get_user_by_name(name)
|
|
message = request.form['message']
|
|
subject = request.form['subject']
|
|
send_email(u.email, subject, message)
|
|
|
|
success = "Die Rechnung wurde an %s versendet." %u.longname
|
|
|
|
debt = [0 for user in users]
|
|
for user in users:
|
|
debt[user.id-1] = get_debt(user.name)
|
|
|
|
return render_template('billing.html', users=users, success=success, debt=debt, user=get_user_by_name(session.get('name')))
|
|
|
|
if request.method == 'GET':
|
|
emailtext = parse_email(settings.singleMessageStandardText, get_user_by_name(name), get_debt(name))
|
|
emailsubject =parse_email(settings.singleMessageStandardSubject, get_user_by_name(name), get_debt(name))
|
|
return render_template('billing_personal.html', emailtext=emailtext, emailsubject=emailsubject, user=get_user_by_name(session.get('name')), user_to_bill=get_user_by_name(name))
|
|
|
|
|
|
@app.route('/billing/send_all_bills', methods=['GET', 'POST'])
|
|
@requires_baron
|
|
def send_mass_mail(name=None):
|
|
if request.method == 'POST':
|
|
users = get_users()
|
|
u = get_user_by_name(name)
|
|
message = request.form['message']
|
|
subject = request.form['subject']
|
|
|
|
send_emails(message, subject, users)
|
|
#for user in users:
|
|
# message_parsed = parse_email(message, user, 3) # change ammount of depts here
|
|
# subject_parsed = parse_email(subject, user, 3) # change ammount of depts here!
|
|
# send_email(user.email, subject_parsed, message_parsed)
|
|
|
|
success = "An alle User werden Rechnungen versendet."
|
|
return render_template('billing.html', users=users, success=success, dept=0, user=get_user_by_name(session.get('name')))
|
|
|
|
if request.method == 'GET':
|
|
return render_template('billing_mass_mail.html', user=get_user_by_name(session.get('name')), emailtext=settings.masMessageStandardText, emailsubject=settings.masMessageStandardSubject)
|
|
|
|
|
|
@app.route('/selfmanagement', methods=['GET', 'POST'])
|
|
@requires_login
|
|
def selfmanagement():
|
|
if request.method == 'POST':
|
|
u = get_user_by_name(session.get('name'))
|
|
if not bcrypt.checkpw(request.form['password_old'], u.password):
|
|
success = "Passwort falsch!"
|
|
else:
|
|
if ('password1' in request.form) & ('password2' in request.form):
|
|
if request.form['password1'] == request.form['password2']:
|
|
u.password = bcrypt.hashpw(request.form['password1'], bcrypt.gensalt())
|
|
|
|
u.rfid_id = request.form['rfid_id']
|
|
|
|
if 'onlyrfid' in request.form:
|
|
u.onlyrfid = True
|
|
else:
|
|
u.onlyrfid = False
|
|
update_user(u)
|
|
success = u'Einstellungen wurden übernommen!'
|
|
else:
|
|
success = u'Neue Passwörter stimmen nicht überein!'
|
|
else:
|
|
u.rfid_id = request.form['rfid_id']
|
|
|
|
if 'onlyrfid' in request.form:
|
|
u.onlyrfid = True
|
|
else:
|
|
u.onlyrfid = False
|
|
|
|
update_user(u)
|
|
success = u'Einstellungen wurden übernommen!'
|
|
|
|
return render_template('selfmanagement.html', success=success, user=get_user_by_name(session.get('name')))
|
|
|
|
if request.method == 'GET':
|
|
return render_template('selfmanagement.html', user=get_user_by_name(session.get('name')))
|
|
|
|
#migrate the db to hashed passwords
|
|
#@app.route('/hashdb')
|
|
#@requires_baron
|
|
#def hashdb():
|
|
# users = get_users()
|
|
# for user in users:
|
|
# user.password = bcrypt.hashpw(user.password, bcrypt.gensalt())
|
|
# update_user(user)
|
|
# return render_template('index.html', users=users, user=get_user_by_name(session.get('name')))
|