def create_user():
db = get_db()
jobs = user_model.get_all_job(db)
companys = user_model.get_all_company(db)
status = user_model.get_all_status(db)
if request.method == 'POST':
login_name = request.form['login_name']
password = request.form['password']
really_name = request.form['really_name']
phone = request.form['phone']
job_id = request.form['job_id']
company_id = request.form['company_id']
status = request.form['status']
print(login_name, password, really_name,
phone, job_id, company_id, status)
login_name_existed = user_model.login_name_existed(db, login_name)
error = None
if login_name_existed:
error = 'Login name is existed'
if error is not None:
flash(error)
else:
db = get_db()
user_model.create_user(db, login_name, password, really_name,
phone, job_id, company_id, status)
return redirect(url_for('user_center.index'))
return render_template('user_center/user_create.html',
jobs=jobs, companys=companys, status=status)
def update_user(user_id):
user = get_user(user_id)
db = get_db()
jobs = user_model.get_all_job(db)
companys = user_model.get_all_company(db)
status = user_model.get_all_status(db)
if request.method == 'POST':
login_name = request.form['login_name']
# password = request.form['password']
really_name = request.form['really_name']
phone = request.form['phone']
job_id = request.form['job_id']
company_id = request.form['company_id']
status = request.form['status']
error = None
if not login_name:
error = 'Login name can\'t be null'
if error is not None:
flash(error)
else:
db = get_db()
user_model.update_user(db, user_id, really_name,
phone, job_id, company_id, status)
return redirect(url_for('user_center.index'))
return render_template('user_center/user_update.html', user=user,
jobs=jobs, companys=companys, status=status)
def index():
if session.get('job_id') == 0:
db = get_db()
users = user_model.get_all_user(db)
return render_template('user_center/index.html', users=users)
else:
db = get_db()
posts = blog_model.get_all_posts(db)
return render_template('blog/index.html', posts=posts)
def create_application():
db = get_db()
auditor = attendance_model.get_auditor_by_id(db, g.user['id'])
types = attendance_model.get_application_type(db)
default_date = attendance_model.default_date()
if request.method == 'POST':
application_nbr = 'L{}{}'.format(
datetime.datetime.now().strftime('%Y%m%d'),
random.randint(1000, 9999))
application_type = request.form['application_type']
begin_date = request.form['begin_date']
end_date = request.form['end_date']
duration_time = request.form['duration_time']
application_reason = request.form['application_reason']
auditor_id = request.form['auditor_id']
if application_type == str(cfg.leave_type):
last_application = attendance_model.get_application_by_id(
db, g.user['id'], cfg.leave_type)
else:
last_application = attendance_model.get_application_by_id(
db, g.user['id'], cfg.overtime_type)
error = None
r = re.compile('^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}$')
r2 = re.compile('^\d+$')
if not r.findall(begin_date):
error = 'Begin Date must like: 2019-08-07 11:00:00'
if not r.findall(end_date):
error = 'End Date must like: 2019-08-07 11:00:00'
if not r2.findall(str(duration_time)):
error = 'Duration time Must be a number'
if (datetime.datetime.strptime(begin_date, '%Y-%m-%d %H:%M:%S') >=
datetime.datetime.strptime(end_date, '%Y-%m-%d %H:%M:%S')):
error = 'Begin date must less than the end date'
for application in last_application:
if application is not None:
last_end_date = application['end_date']
if last_end_date >= datetime.datetime.strptime(
begin_date, '%Y-%m-%d %H:%M:%S'):
error = 'You have an application which with a deadline on {}'.format(
last_end_date)
if error is not None:
flash(error)
else:
db = get_db()
attendance_model.create_application(db, application_nbr,
application_type, g.user['id'],
begin_date, end_date,
duration_time,
application_reason, auditor_id)
return redirect(url_for('attendance.index'))
return render_template('attendance/create.html',
auditor=auditor,
default_date=default_date,
types=types)
def index():
db = get_db()
if g.user['job_id'] == 0:
attendance = attendance_model.get_all_application(db)
else:
attendance = attendance_model.get_all_application(db, g.user['id'])
return render_template('attendance/index.html', attendance=attendance)
def register():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
db = get_db()
error = None
if not username:
error = 'Username is required.'
elif not password:
error = 'Password is required.'
elif db.execute(
'SELECT id FROM user WHERE login_name = ?', (username,)
).fetchone() is not None:
error = 'User {} is already registered.'.format(username)
if error is None:
db.execute(
'INSERT INTO user (login_name, password) VALUES (?, ?)',
(username, generate_password_hash(password))
)
db.commit()
return redirect(url_for('auth.login'))
flash(error)
return render_template('auth/register.html')
def delete_user(user_id):
if user_id == 1:
abort(404, "User can't be deleted.".format(user_id))
else:
get_user(user_id)
db = get_db()
user_model.delete_user(db, user_id)
return redirect(url_for('user_center.index'))
def delete_job(job_id):
if job_id == 0:
abort(404, "Job id {0} can't be deleted.".format(job_id))
else:
get_job(job_id)
db = get_db()
user_model.delete_job(db, job_id)
return redirect(url_for('user_center.job'))
def delete_company(company_id):
if company_id == 0:
abort(404, "Company id {0} can't be deleted.".format(company_id))
else:
get_company(company_id)
db = get_db()
user_model.delete_company(db, company_id)
return redirect(url_for('user_center.company'))
def load_logged_in_user():
user_id = session.get('user_id')
if user_id is None:
g.user = None
else:
g.user = get_db().execute(
'SELECT * FROM user WHERE id = ?', (user_id,)
).fetchone()
def get_post(post_id, check_author=True):
post = blog_model.get_post_by_id(get_db(), post_id)
if post is None:
abort(404, "Post id {0} doesn't exist.".format(post_id))
if check_author and post['author_id'] != g.user['id']:
abort(403)
return post
def create_job():
db = get_db()
jobs = user_model.get_all_job(db)
if request.method == 'POST':
job_name = request.form['name']
superior_id = request.form['superior_id']
job_desc = request.form['desc']
error = None
if not job_name:
error = 'Title is required.'
if error is not None:
flash(error)
else:
db = get_db()
user_model.create_job(db, job_name, superior_id, job_desc)
return redirect(url_for('user_center.job'))
return render_template('user_center/job_create.html', jobs=jobs)
def update_user_password(user_id):
user = get_user(user_id)
if request.method == 'POST':
new_password = request.form['new_password']
if g.user['job_id'] == 0:
db = get_db()
user_model.update_password(db, user_id, new_password)
return redirect(url_for('user_center.index'))
old_password = request.form['old_password']
error = None
db = get_db()
check_old_psd = user_model.check_old_password(db, user_id, old_password)
if not check_old_psd:
error = 'Old password is error'
if error is not None:
flash(error)
else:
db = get_db()
user_model.update_password(db, user_id, new_password)
return redirect(url_for('user_center.index'))
return render_template('user_center/user_update_password.html', user=user)
def create():
if request.method == 'POST':
title = request.form['title']
body = request.form['body']
error = None
if not title:
error = 'Title is required.'
if error is not None:
flash(error)
else:
db = get_db()
blog_model.create_posts(db, g.user['id'], title, body)
return redirect(url_for('blog.index'))
return render_template('blog/create.html')
def create_company():
if request.method == 'POST':
company_name = request.form['name']
company_desc = request.form['desc']
error = None
if not company_name:
error = 'Name is required.'
if error is not None:
flash(error)
else:
db = get_db()
user_model.create_company(db, company_name, company_desc)
return redirect(url_for('user_center.company'))
return render_template('user_center/company_create.html')
def update(post_id):
post = get_post(post_id)
if request.method == 'POST':
title = request.form['title']
body = request.form['body']
error = None
if not title:
error = 'Title is required.'
if error is not None:
flash(error)
else:
db = get_db()
blog_model.update_post(db, post_id, title, body)
return redirect(url_for('blog.index'))
return render_template('blog/update.html', post=post)
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
db = get_db()
error = None
user = db.execute(
'SELECT * FROM user WHERE login_name = ?', (username,)
).fetchone()
if user is None:
error = 'Incorrect username.'
elif not check_password_hash(user['password'], password):
error = 'Incorrect password.'
if error is None:
session.clear()
session['user_id'] = user['id']
session['job_id'] = user['job_id']
return redirect(url_for('index'))
flash(error)
return render_template('auth/login.html')
def delete(post_id):
get_post(post_id)
db = get_db()
blog_model.delete_post(db, post_id)
return redirect(url_for('blog.index'))
def get_job(job_id):
db = get_db()
job = user_model.get_job_by_id(db, job_id)
if job is None:
abort(404, "Job id {0} doesn't exist.".format(id))
return job
def index():
db = get_db()
posts = blog_model.get_all_posts(db)
return render_template('blog/index.html', posts=posts)
def auditor_application(application_id, status):
db = get_db()
attendance_model.auditor_application(db, application_id, status)
return redirect(url_for('attendance.index'))
def get_user(user_id):
db = get_db()
user = user_model.get_user_by_id(db, user_id)
if user is None:
abort(404, "Job id {0} doesn't exist.".format(id))
return user
def recall_application(application_id):
db = get_db()
attendance_model.recall_application(db, application_id)
return redirect(url_for('attendance.index'))
def job():
db = get_db()
jobs = user_model.get_all_job(db)
return render_template('user_center/job.html', jobs=jobs)
def get_company(company_id):
db = get_db()
company = user_model.get_company_by_id(db, company_id)
if company is None:
abort(404, "Company id {0} doesn't exist.".format(company_id))
return company
def company():
db = get_db()
companys = user_model.get_all_company(db)
return render_template('user_center/company.html', companys=companys)
