def remove_user(urluser=None):
user = get_user()
other = get_user(urluser)
if user and other:
if user['username'] == other['username'] or user['rank'] == 2:
app.logger.info(user['username'] + ' removed account ' + urluser)
database.remove_user(urluser)
shutil.rmtree(app.config['upload_folder'] + urluser + '/')
return redirect(url_for('home'))
def user_remove(access):
if not database.valid_access(access):
return render_template("error.html", error="Page not found.")
elif not database.is_admin(session["access"]):
return redirect(url_for("unauthorized"))
else:
email = request.form["email"]
users = database.get_users()
if not database.user_exists(email):
return render_template("users.html", users=users, access=access, error="User: "******" does not exist.")
database.remove_user(email=email)
users = database.get_users()
return render_template("users.html", users=users, access=access, error=email + " has been removed permanantly.")
def execute_remove_method(master_password, args):
accounts_for_website = database.select_given_website(args[0])
for account in accounts_for_website:
if account[0] == args[1]:
_ = crypter.decrypt(account[1], master_password)
return database.remove_user(args[0], args[1])
def manage_users_page():
if check_logged_in() != ' ':
if session['user'][4] == 'Admin':
operation = request.args.get('operation')
user_id = request.args.get('user_id')
key = request.args.get('key')
search = request.args.get('search')
if operation == 'delete':
database.remove_user(user_id)
if operation == 'search' and search != '':
try:
data = database.manage_users_search(key, search)
except:
data = []
else:
data = database.manage_users()
return render_template('manage_users.html',
user=check_logged_in(),
data=data)
elif session['user'][4] == 'Manager':
operation = request.args.get('operation')
user_id = request.args.get('user_id')
key = request.args.get('key')
search = request.args.get('search')
try:
dept = database.get_employee(session['user'][3])[0][3]
except:
dept = ''
if operation == 'delete':
database.remove_user(user_id)
elif operation == 'search' and search != '':
try:
data = database.manage_users_search_admin(key, search,
dept)
except:
data=[]
else:
data = database.manage_users_adimin(dept)
return render_template('manage_users.html',
user=check_logged_in(),
data=data)
return redirect(url_for('login_page'))
def remove_user():
user = choose_user()
if user:
database.remove_user(user.user_id)
def run(self):
print("Starting " + self.name)
global running
global doctor_test
global doctor_id
doctor_test = False
# Prompt loop
while running:
cmd = input("> ")
if cmd == "exit":
running = False
database.close()
print("Exiting now")
sys.exit(0)
# command for logging in with username and password if the username and password are valid
# doctor_test is set to true and doctor id is set to the corresponding id so the database can be edited
if cmd == "login":
doctors = database.get_users_by_role('doc')
print("Please login to make changes.")
login_username = input("Username: "******"Password: "******"Logged in as doctor id: " + str(doctor_id))
doctor_test = True
if not doctor_test:
print("Invalid credentials!")
# when logging out doctor test is set to false so no changes can be made
# doctor id is set to 0 so nobody can actually see who was the last doctor to log in
if cmd == "logout" and doctor_test:
doctor_test = False
print("Logged out as doctor id: " + str(doctor_id))
doctor_id = 0
# to update credentials you must be logged in as a doctor and you have to verify your login data again
if cmd == "update credentials" and doctor_test:
user = database.get_user_by_uid(doctor_id)
print("Please verify your login.")
login_username = input("Old username: "******"Old password: "******"New username = "******"New password = "******"Credentials updated.")
# to update a rfid tag you have to be logged in as a doctor and you have to input a user_id to which the new rfid will be bound
if cmd == "update rfid" and doctor_test:
user_id = input("User id = ")
user = database.get_user_by_uid(user_id)
if user is None:
print("No user with this id!")
continue
new_rfid = input("New rfid = ")
user.rfid = new_rfid
database.update_user(user)
database.commit()
print("rfid updated.")
# when logged in as a doctor you can get all users with their roles (but not password or rfid)
if cmd == "get users" and doctor_test:
users = database.get_users()
print("id\trole")
for user in users:
print(str(user.id) + "\t" + str(user.role))
# when logged in you can get prescriptions for a single user or you can get all prescriptions
if cmd == "get prescriptions" and doctor_test:
choice = input("For all users y/n: ")
prescriptions = database.get_prescriptions()
if choice == "y":
print("id\tmedicine\tdescription")
for prescription in prescriptions:
print(str(prescription.id) + "\t" + str(prescription.medicine_id) + "\t\t\t" + str(prescription.descr))
elif choice == "n":
user_id = int(input("id = "))
print("id\tmedicine\tdescription")
for prescription in prescriptions:
if prescription.uid == user_id:
print(str(prescription.id) + "\t" + str(prescription.medicine_id) + "\t\t\t" + str(prescription.descr))
else:
print("Invalid input!")
# as a logged in doctor you can add prescriptions. you will be prompted for all the data
if cmd == "add prescription" and doctor_test:
prescriptions = database.get_prescriptions()
prescription_list = []
for prescription in prescriptions:
prescription_list.append(prescription.id)
prescription_id = int(max(prescription_list) + 1)
patient_id = int(input("Patient id = "))
medicine_id = int(input("Medicine id = "))
description = input("Description of use = ")
max_dose = int(input("Daily max dose = "))
min_time = int(input("Minimum time between dispenses in seconds = "))
amount = int(input("Amount of medicine per dispense/dose = "))
cur_dose = 0
duration = int(input("Prescription duration in days = ")) * 86400
date = int(calendar.timegm(time.gmtime()))
# this part checks if the user is actually in the database else it prints "patient does not exist"
users = database.get_users()
patient_test = False
for user in users:
if patient_id == user.id:
print("New prescription added with id: " + str(prescription_id))
database.insert_prescription(Prescription.parse_raw([prescription_id, patient_id, medicine_id, description, max_dose, min_time, amount, cur_dose, date, doctor_id, duration, date]))
database.commit()
patient_test = True
if not patient_test:
print("Patient does not exist!")
# as a logged in doctor you can remove a prescription by id
if cmd == "remove prescription" and doctor_test:
prescription_id = int(input("prescription id = "))
database.remove_prescription(prescription_id)
database.commit()
print("Prescription removed.")
# as a logged in doctor you can add new users. you get prompted for all data (and for username and pw if you are adding a doctor)
if cmd == "add user" and doctor_test:
users = database.get_users()
user_list = []
for user in users:
user_list.append(user.id)
user_id = int(max(user_list) + 1)
rfid = int(input("RFID = "))
role = input("role(pat/doc/ref) = ")
if role == 'doc':
new_username = input("New user username = "******"New user password = "******""
new_password = ""
database.insert_user(User.parse_raw([user_id, rfid, role, new_username, new_password]))
database.commit()
print("New user added with id: " + str(user_id))
# as a logged in doctor you can remove users by id
if cmd == "remove user" and doctor_test:
user_id = int(input("User id = "))
database.remove_user(user_id)
database.commit()
print("User removed.")
# you can always print out all existing commands
if cmd == "help":
commands = ["login",
"logout",
"exit",
"get prescriptions",
"add prescription",
"remove prescription",
"add user",
"remove user",
"update credentials",
"update rfid"]
print("Commands:", commands)
# threads.remove(self)
print("Exiting " + self.name)
import sqlite3
if __name__ == "__main__":
f = open('email_config.cfg', 'r')
username = f.readline().strip()
password = f.readline().strip()
dbase = f.readline().strip()
f.close()
database.init_table(dbase);
while(1):
num, sender, body = email_util.receive_email_subj("add", username, password)
if (num != -1):
print "Received new user email requesting add!"
sender = sender[sender.index("<") + 1:-1]
body = body.split();
if not body:
database.add_user(sender, sender, dbase)
else:
database.add_user(body[0], sender, dbase)
email_util.delete_email(num, username, password)
num, sender, body = email_util.receive_email_subj("quit", username, password)
if (num != -1):
print "Received new user email requesting removal!"
sender = sender[sender.index("<") + 1:-1]
body = body.split();
database.remove_user(sender, dbase)
email_util.delete_email(num, username, password)
def handle_admin_click(call):
if call.data == Messages.ADMIN:
menu = {
Admin.ALL_USERS: f'{Messages.ALL_USERS}:0',
Admin.ALL_GUILDS: Messages.ALL_GUILDS,
Admin.ALL_PENDING_USERS: Messages.ALL_PENDING_USERS,
Admin.ALL_BANNED_USERS: Messages.ALL_BANNED_USERS,
Admin.ALL_ADMINS: Messages.ALL_ADMINS,
Admin.CHANGE_USER_STATUS: Messages.CHANGE_USER_STATUS,
Admin.ADD_GUILD: Messages.ADD_GUILD,
Admin.MESSAGE_TO_ALL_TITLE: Messages.MESSAGE_TO_ALL,
Locale.GO_BACK: Messages.MENU
}
question = Locale.BOT_ADMIN_MENU
bot.send_message(call.from_user.id,
text=question,
reply_markup=botutils.create_menu(menu))
elif call.data.startswith(Messages.ALL_USERS):
page = int(call.data.split(':')[1])
page_count = ceil(database.get_users_count() / Database.PAGE_SIZE)
users = database.get_users_page(page)
keyboard = botutils.create_page_menu(page, page_count)
bot.send_message(chat_id=call.from_user.id,
text=botutils.format_users_as_table(users),
parse_mode='Markdown',
reply_markup=keyboard)
elif call.data == Messages.ALL_GUILDS:
guilds = database.get_all_guilds()
bot.send_message(chat_id=call.from_user.id,
text=botutils.format_guilds_as_table(guilds),
parse_mode='Markdown')
elif call.data == Messages.ALL_PENDING_USERS:
pending_users = database.get_all_pending_users()
if len(pending_users) == 0:
bot.send_message(call.from_user.id, Admin.USERS_EMPTY)
else:
bot.send_message(
chat_id=call.from_user.id,
text=botutils.format_users_as_table(pending_users),
parse_mode='Markdown')
elif call.data == Messages.ALL_BANNED_USERS:
banned_users = database.get_all_banned_users()
if len(banned_users) == 0:
bot.send_message(call.from_user.id, Admin.USERS_EMPTY)
else:
bot.send_message(chat_id=call.from_user.id,
text=botutils.format_users_as_table(banned_users),
parse_mode='Markdown')
elif call.data == Messages.ALL_ADMINS:
all_admins = database.get_all_admins()
if len(all_admins) == 0:
bot.send_message(call.from_user.id, Admin.USERS_EMPTY)
else:
bot.send_message(chat_id=call.from_user.id,
text=botutils.format_users_as_table(all_admins),
parse_mode='Markdown')
elif call.data == Messages.ADD_GUILD:
user = database.get_user(call.from_user.id)
if user.status in [Statuses.SUPERVISOR]:
bot.send_message(call.from_user.id, Locale.GUILD_NAME)
bot.register_next_step_handler_by_chat_id(call.from_user.id,
add_guild)
else:
bot.send_message(call.from_user.id, Admin.NO_PERMITTIONS)
elif call.data == Messages.MESSAGE_TO_ALL:
bot.send_message(call.from_user.id, Admin.MESSAGE_TEXT)
bot.register_next_step_handler_by_chat_id(call.from_user.id,
message_to_subscribed_users)
elif call.data == Messages.CHANGE_USER_STATUS:
bot.send_message(call.from_user.id, Admin.SELECT_USER_STATUS_BY_ID)
bot.register_next_step_handler_by_chat_id(call.from_user.id,
user_id_exists)
elif call.data.startswith(Messages.ADD_ADMIN):
user_id = call.data.split(':')[1]
database.update_user(user_id, Database.FIELD_STATUS, Statuses.ADMIN)
bot.send_message(user_id, Admin.CHANGE_USER_STATUS_BY_ID_ADD_ADMIN)
bot.send_message(call.from_user.id,
Admin.CHANGE_USER_STATUS_BY_ID_SUCCESSFUL)
notify_all_admins(call.from_user.id, user_id)
elif call.data.startswith(Messages.CONFIRM):
user_id = call.data.split(':')[1]
database.update_user(user_id, Database.FIELD_STATUS, Statuses.ACTIVE)
bot.send_message(user_id, Locale.CHARACTER_REG_SUCCESSFUL)
ask_for_subscription_by_userid(user_id)
bot.send_message(call.from_user.id,
Admin.CHANGE_USER_STATUS_BY_ID_SUCCESSFUL)
notify_all_admins(call.from_user.id, user_id)
elif call.data.startswith(Messages.NOT_CONFIRM):
user_id = call.data.split(':')[1]
database.update_user(user_id, Database.FIELD_STATUS, Statuses.BANNED)
bot.send_message(user_id, Locale.CHARACTER_REG_BANNED)
bot.send_message(call.from_user.id,
Admin.CHANGE_USER_STATUS_BY_ID_SUCCESSFUL)
notify_all_admins(call.from_user.id, user_id)
elif call.data.startswith(Messages.DELETE):
user_id = call.data.split(':')[1]
notify_all_admins_about_delete(call.from_user.id, user_id)
database.remove_user(user_id)
bot.send_message(user_id, Locale.CHARACTER_REG_FAILED)
elif call.data == Messages.ADMIN:
database.set_subscription(call.from_user.id,
Database.DB_USER_SUBSCRIBED)
bot.send_message(call.from_user.id,
Locale.CHARACTER_SUCCESSFUL_SUBCRIPTION)
else:
callback_worker(call)