def new():
    """Handle the "create rustour" form.

    A non-POST request renders ``form.html`` with name, year and type
    fields.  A POST carrying ``cancel`` flashes a notice and returns to the
    rustour overview.  Any other POST applies the default name when none was
    given, validates the year, hands the bucket to ``"Tours"`` and redirects
    to the overview.
    """
    if request.method != "POST":
        builder = html.WebBuilder()
        builder.form()
        builder.formtable()
        builder.textfield("tour_name", "Navn", value="Unavngiven rustur")
        builder.textfield("year", "År", value=rkgyear())
        tour_types = [('p', 'Pigetur'), ('t', 'Transetur'), ('m', 'Munketur')]
        builder.select("type", "Type", tour_types)
        rendered_form = builder.create()
        return render_template("form.html", form=rendered_form)

    if 'cancel' in request.form:
        flash(escape("Rustur ikke oprettet"))
        return redirect(url_for('rustours.overview'))

    bucket = data.Bucket(request.form)
    # Bare attribute access kept on purpose; presumably it selects the field
    # for writing -- confirm against data.Bucket.
    # NOTE(review): the posted ``type`` is not compared with the three values
    # offered by the select; confirm the database constrains it.
    bucket.type
    if bucket.tour_name == "":
        bucket.tour_name = "Unavngiven rustur"
    if not bucket.year.isdecimal():
        flash("Please enter a valid year")
        return html.back()
    bucket.year = int(bucket.year)
    # ``>=`` is Bucket's overloaded write operator (used as an insert where
    # other code catches duplicate-key errors around it).
    bucket >= "Tours"
    return redirect(url_for('rustours.overview'))
def new():
    """Handle the "create mentor team" form.

    A non-POST request renders ``form.html`` with name and year fields.  A
    POST carrying ``cancel`` flashes a notice and returns to the mentor team
    overview.  Any other POST applies the default name when none was given,
    validates the year, hands the bucket to ``"Mentorteams"`` and redirects
    to the overview.
    """
    if request.method != "POST":
        builder = html.WebBuilder()
        builder.form()
        builder.formtable()
        builder.textfield("mentor_names", "Navn", value="Unavngivet mentorhold")
        builder.textfield("year", "År", value=rkgyear())
        rendered_form = builder.create()
        return render_template("form.html", form=rendered_form)

    if 'cancel' in request.form:
        flash(escape("Mentorhold ikke oprettet"))
        return redirect(url_for('mentorteams.overview'))

    bucket = data.Bucket(request.form)
    if bucket.mentor_names == "":
        bucket.mentor_names = "Unavngivet mentorhold"
    if not bucket.year.isdecimal():
        # Reject before int() so a non-numeric year never reaches the database.
        flash("Please enter a valid year")
        return html.back()
    bucket.year = int(bucket.year)
    bucket >= "Mentorteams"
    return redirect(url_for('mentorteams.overview'))
def delete_user():
    """Mark a user as deleted and drop their group memberships.

    A non-POST request renders ``admin/delete_user.html`` with a select of
    every user whose ``deleted`` column is false.  A POST carrying ``cancel``
    flashes a notice and returns to the admin overview.  Any other POST sets
    ``deleted`` on the row named by the ``user`` form field, removes that
    username from ``Group_users`` and redirects back to this page.

    NOTE(review): no authorization check is visible in this block; confirm
    the route is guarded (decorator or blueprint hook) before it is exposed.
    """
    if request.method != "POST":
        rows = data.execute("SELECT * FROM Users WHERE deleted = ?", False)
        choices = []
        for row in rows:
            label = "{0}: {1}".format(row['username'], row['name'])
            choices.append((row['username'], label))
        builder = html.WebBuilder()
        builder.form()
        builder.formtable()
        builder.select("user", "Brugere:", choices)
        rendered_form = builder.create()
        return render_template("admin/delete_user.html", form=rendered_form)

    if 'cancel' in request.form:
        flash(escape("Ændringer anulleret"))
        return redirect(url_for('admin.overview'))

    bucket = data.Bucket(request.form)
    bucket.deleted = True
    # Both statements are parameterised; the posted username is only ever
    # bound as a value, never spliced into the SQL text.
    bucket >> ("UPDATE Users SET $ WHERE username = ?", request.form["user"])
    data.execute("DELETE FROM Group_users WHERE username = ?",
                 request.form["user"])
    flash("Bruger slettet")
    return redirect(url_for('admin.delete_user'))
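def settings(m_id):
    """Edit a mentor team's name, year and list of mentors.

    A non-POST request loads the team ``m_id`` (redirecting to the overview
    with a flash message when it does not exist) and renders
    ``mentorteams/settings.html``.  A POST carrying ``cancel`` redirects to
    the front page.  Any other POST updates the ``Mentorteams`` row and then
    synchronises the ``Mentors`` table with the submitted ``mentors`` field:
    usernames no longer listed are deleted, new ones are inserted.

    The ``mentors`` field is a ``; ``-separated list whose first
    whitespace-delimited token per entry is taken as the username.
    """
    if request.method == "POST":
        if 'cancel' in request.form:
            return redirect(url_front())

        b = data.Bucket(request.form)
        if b.mentor_names == "":
            b.mentor_names = "Unavngivet mentorhold"
        if b.year.isdecimal():
            b.year = int(b.year)
        else:
            flash("Please enter a valid year")
            return html.back()
        b >> ("UPDATE Mentorteams $ WHERE m_id = ?", m_id)

        # The second replace is a no-op as written; kept verbatim.
        raw_mentors = request.form['mentors'].replace('"', '').replace('"', '')
        # Entries that contain no token at all (empty or whitespace-only) are
        # skipped; indexing [0] on them used to raise IndexError on input
        # such as " ; ".
        split_entries = (entry.split() for entry in re.split(r';\s', raw_mentors))
        mentors = [tokens[0] for tokens in split_entries if tokens]

        old = data.execute("SELECT username FROM Mentors WHERE m_id = ?", m_id)
        old = [mentor['username'] for mentor in old]

        for mentor in set(old) - set(mentors):
            data.execute("DELETE FROM Mentors WHERE m_id = ? and username = ?",
                         m_id, mentor)
        # sorted() keeps the insert order deterministic.
        for mentor in sorted(set(mentors) - set(old)):
            data.execute("INSERT INTO Mentors(m_id, username) VALUES (?, ?)",
                         m_id, mentor)
        return redirect(url_for('mentorteams.mentorteam', m_id=m_id))

    teams = data.execute("SELECT * FROM Mentorteams WHERE m_id = ?", m_id)
    if len(teams) != 1:
        flash(escape("Det hold findes ikke"))
        return redirect(url_for("mentorteams.overview"))
    team = teams[0]

    # NOTE(review): usernames and names are interpolated into these strings
    # as stored; whether html.autocomplete_multiple escapes them before they
    # reach the page is not visible here -- confirm.
    all_mentors = data.execute("SELECT * FROM Users WHERE username IN (Select username from Group_users where groupname = 'mentor')")
    all_mentors = ['\\"{0}\\" {1}'.format(mentor['username'], mentor['name'])
                   for mentor in all_mentors]
    all_mentors.sort()

    actual_mentors = data.execute("SELECT * FROM Mentors INNER JOIN Users USING(username) WHERE m_id = ?", m_id)
    actual_mentors = ['"{0}" {1}; '.format(mentor['username'], mentor['name'])
                      for mentor in actual_mentors]
    actual_mentors.sort()
    actual_mentors = "".join(actual_mentors)

    w = html.WebBuilder()
    w.form()
    w.formtable()
    w.textfield("mentor_names", "Navn")
    w.textfield("year", "År")
    w.html(html.autocomplete_multiple(all_mentors, "mentors", default=actual_mentors),
           description="Mentorer", value="abekat")
    form = w.create(team)
    return render_template("mentorteams/settings.html", form=form)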
def new(key):
    """Create a user account from a one-time creation key.

    Every request first sleeps a random 2-6 seconds, purges old keys via
    ``delete_old_keys()`` and looks ``key`` up in ``User_creation_keys``.  An
    unknown key costs a further random 5-21 second sleep before redirecting
    to the front page.

    With a valid key, a non-POST request renders the sign-up form
    (pre-filling the e-mail stored with the key).  A POST carrying ``cancel``
    deletes the key.  Any other POST validates the username and the two
    password fields, deletes the key, creates the user, marks the session as
    logged in and redirects to the user's settings page.

    NOTE(review): the key is deleted before ``create_user`` runs, so if
    ``create_user`` raises the invitation is already consumed -- confirm
    this is intended.  The e-mail passed to ``create_user`` is the posted
    form value, not the address stored with the key.
    """
    # The delays slow down guessing of keys.
    time.sleep(random.randint(2, 6))

    # EXPLANATION: weed out old creation keys
    delete_old_keys()

    # EXPLANATION: Check if key exists/is valid
    key_rows = data.execute(
        "SELECT key, email FROM User_creation_keys WHERE key = ?", key)
    if empty(key_rows):
        time.sleep(random.randint(5, 21))
        # TODO: Send to errorpage?
        return redirect(url_front())

    if request.method != "POST":
        builder = html.WebBuilder()
        builder.form()
        builder.formtable()
        builder.textfield("username", "Brugernavn (Hvad du bliver kaldt på DIKU):")
        builder.textfield("name", "Fulde navn:")
        builder.textfield("email", "Email:", value=key_rows[0]["email"])
        builder.password("password1", "Løsen")
        builder.password("password2", "Gentag løsen")
        rendered_form = builder.create()
        return render_template("form.html", form=rendered_form)

    if 'cancel' in request.form:
        data.execute("DELETE FROM User_creation_keys WHERE key = ?", key)
        flash("Oprettelse anulleret")
        return redirect(url_front())

    bucket = data.Bucket(request.form)

    if not sanitize_username(bucket.username):
        flash("Ugyldigt brugernavn")
        return html.back()

    if bucket.password1 != bucket.password2:
        flash("Du gav to forskellige løsener, prøv igen")
        return html.back()

    if bucket.password1 == "":
        flash("Du skal vælge et løsen")
        return html.back()

    # The key is single-use: remove it before the account is created.
    data.execute("DELETE FROM User_creation_keys WHERE key = ?", key)
    create_user(bucket.username, bucket.password1, bucket.name, bucket.email)
    flash("Ny bruger oprettet")

    session['logged_in'] = True
    session['username'] = bucket.username

    return redirect(url_for("usermanager.settings"))
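def create_user(username, raw_password, name="", email="", groups=None):
    """Insert a new user, assign their groups and notify the admins by mail.

    Args:
        username: Login name of the new user.
        raw_password: Password as typed; it is passed through
            ``password.encode`` before being stored (presumably a hash --
            confirm in the ``password`` module).
        name: Full name, optional.
        email: E-mail address, optional.
        groups: Group names handed to ``set_user_groups``.  ``None`` (the
            default) means no groups.

    The default for ``groups`` used to be a shared ``[]`` literal; a fresh
    list is now created per call so a callee that mutates it cannot leak
    groups into later calls.
    """
    if groups is None:
        groups = []

    b = data.Bucket()
    b.username = username
    b.password = password.encode(raw_password)
    b.name = name
    b.email = email
    b >= "Users"
    set_user_groups(username, groups)

    # The user-supplied values are passed as format *arguments*; the template
    # itself comes from the mail module.
    message = mail.new_user_adminmail.format(username=b.username,
                                             name=b.name,
                                             email=b.email)
    mail.admin("User Created", message)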
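def settings():
    """Show or save the logged-in user's own profile.

    A non-POST request loads the ``Users`` row for ``session["username"]``
    and renders ``form.html`` pre-filled with it.  A POST carrying ``cancel``
    flashes a notice and returns to the user overview.  Any other POST
    writes the listed profile fields back to the row of the session user and
    redirects to that user's page.

    The row to update is always chosen from the session, never from the
    posted form, so a request cannot name another account.
    """
    if request.method == "POST":
        if 'cancel' in request.form:
            flash(escape("Ændringer annulleret"))
            return redirect(url_for('usermanager.overview'))

        username = session["username"]
        b = data.Bucket(request.form)
        # Bare attribute accesses are kept as in the original; presumably
        # they select which posted fields are written -- confirm against
        # data.Bucket.
        b.name
        b.email
        b.phone
        b.address
        b.zipcode
        b.city
        b.birthday = nonify(b.birthday)
        # A checkbox is only present in the form data when it is ticked.
        b.driverslicence = "driverslicence" in request.form
        b.diku_age
        b.about_me
        b >> ("UPDATE Users $ WHERE username = ?", username)
        return redirect(url_for('usermanager.user', username=username))

    user = data.execute("SELECT * FROM Users WHERE username = ?",
                        session["username"])
    user = user[0]
    user = unnonify(user)

    # NOTE(review): ``birthday`` is normalised here but never passed on;
    # the form is filled from ``user`` alone -- confirm whether the value
    # was meant to be written back into ``user``.
    birthday = user["birthday"]
    if birthday is None:
        birthday = ""
    elif isinstance(birthday, datetime.date):
        birthday = birthday.isoformat()

    w = html.WebBuilder()
    w.form()
    w.formtable()
    w.textfield("name", "Fulde navn")
    w.textfield("email", "Email")
    w.textfield("phone", "Telefonnummer")
    w.textfield("address", "Adresse")
    w.textfield("zipcode", "Postnummer")
    w.textfield("city", "By")
    w.calendar("birthday", "Fødselsdag")
    w.checkbox("driverslicence", "Har du kørekort?")
    w.textfield("diku_age", "Hvornår startede du på DIKU?")
    w.textarea("about_me", "Lidt om mig")
    form = w.create(user)
    return render_template("form.html", form=form)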
def dutyteams(t_id):
    """Rename the duty teams of a tour and optionally add a new one.

    A non-POST request renders ``form.html`` with one text field per duty
    team of tour ``t_id`` (the field name is the team's ``d_id``) plus a
    ``new`` field.  A POST carrying ``cancel`` returns to the tour page.  Any
    other POST inserts a team when ``new`` is non-empty, then renames every
    team whose ``d_id`` appears as a form field, and returns to the tour
    page.
    """
    if request.method != "POST":
        rows = data.execute(
            "SELECT * FROM Dutyteams WHERE t_id = ? ORDER BY d_id ASC", t_id)
        builder = html.WebBuilder()
        builder.form()
        builder.formtable()
        for row in rows:
            builder.textfield(row['d_id'], "Omdøb:", value=row['name'])
        builder.textfield("new", "Nyt tjansehold:")
        rendered_form = builder.create()
        return render_template("form.html", form=rendered_form)

    if 'cancel' in request.form:
        return redirect(url_for('rustours.rustour', t_id=t_id))

    if request.form['new'] != "":
        created = data.Bucket()
        created.name = request.form['new']
        created.t_id = t_id
        created >= "Dutyteams"

    id_rows = data.execute("SELECT d_id FROM Dutyteams WHERE t_id = ?", t_id)
    known_ids = {str(row['d_id']) for row in id_rows}

    # Only field names matching a duty team of *this* tour are acted on, so
    # a crafted field name cannot rename a team belonging to another tour.
    for field in request.form.keys():
        if field not in known_ids:
            continue
        renamed = data.Bucket()
        renamed.name = request.form[field]
        renamed >> ("UPDATE Dutyteams $ WHERE t_id = ? AND d_id = ?", t_id, field)

    return redirect(url_for("rustours.rustour", t_id=t_id))
def new_book():
    """Create a new book owned by the logged-in user.

    A non-POST request renders ``form.html`` with title and description
    fields.  A POST carrying ``cancel`` flashes a notice and returns to the
    bookkeeper overview.  Any other POST stores the book with the session
    user as creator and the current time as creation time, then redirects
    to the new book's page.
    """
    # TODO: merge features of book and new_book
    if request.method != "POST":
        builder = html.WebBuilder()
        builder.form()
        builder.formtable()
        builder.textfield("title", "Overskrift")
        builder.textarea("description", "beskrivelse")
        rendered_form = builder.create()
        return render_template("form.html", form=rendered_form)

    if 'cancel' in request.form:
        flash(escape("Ændringer annulleret"))
        return redirect(url_for('bookkeeper.overview'))

    bucket = data.Bucket(request.form)
    bucket.title
    bucket.description
    # Creator and timestamp come from the server side, not from the form.
    bucket.creator = session['username']
    bucket.created = now()
    inserted = bucket >= "Books"
    new_id = inserted["b_id"]
    return redirect(url_for("bookkeeper.book", b_id=new_id))
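def generate_key():
    """Generate a user-creation key, store it and return it.

    The key is a random string of ASCII letters and digits.  Its length is
    drawn once from ``[USER_CREATION_KEY_MIN_LENGTH,
    USER_CREATION_KEY_MAX_LENGTH)`` (the upper bound is exclusive, as with
    ``randrange``).  The key is written to ``User_creation_keys`` together
    with the current time; on a recognised duplicate-key error a new key of
    the same length is tried.

    Returns:
        The stored key.

    Raises:
        psycopg2.IntegrityError: for any integrity error other than the
            duplicate-key message matched below.
    """
    lower = config.USER_CREATION_KEY_MIN_LENGTH
    upper = config.USER_CREATION_KEY_MAX_LENGTH

    # The key grants account creation, so it must be unpredictable.  The
    # module-level ``random`` functions use a deterministic generator whose
    # output can be reconstructed from observed values; SystemRandom draws
    # from the operating system's CSPRNG instead.
    rng = random.SystemRandom()
    length = rng.randrange(lower, upper)
    alphabet = string.ascii_letters + string.digits

    while True:
        key = ''.join(rng.choice(alphabet) for _ in range(length))
        try:
            b = data.Bucket()
            b.key = key
            b.created = now()
            b >= "User_creation_keys"
            return key
        except psycopg2.IntegrityError as e:
            # NOTE(review): the matched constraint name mentions
            # user_forgotten_password_keys while the insert targets
            # User_creation_keys; if the names differ in the schema, a
            # duplicate here is re-raised rather than retried -- confirm.
            if e.pgerror.startswith(
                    'ERROR: duplicate key value violates unique constraint "user_forgotten_password_keys_pkey"'
            ):
                continue
            raise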
def renew_password(key):
    """Let the holder of a forgotten-password key choose a new password.

    Old keys are purged first.  If ``key`` does not match exactly one row of
    ``User_forgotten_password_keys`` the visitor is sent to the front page
    with a flash message.  Otherwise a non-POST request renders the
    two-field password form, and a POST checks that both fields agree and
    are non-empty, deletes the key, updates the password of the user stored
    with the key, marks the session as logged in and redirects to the front
    page.
    """
    # EXPLANATION: weed out old password keys
    delete_old_keys()

    matches = data.execute(
        "SELECT * FROM User_forgotten_password_keys WHERE key = ?", key)
    if len(matches) != 1:
        flash("Linket du fulgte er desvære udløbet, prøv igen")
        return redirect(url_front())
    key_row = matches[0]

    if request.method != "POST":
        builder = html.WebBuilder()
        builder.form()
        builder.formtable()
        builder.password("new1", "Nyt løsen")
        builder.password("new2", "Gentag nyt løsen")
        rendered_form = builder.create()
        return render_template("form.html", form=rendered_form)

    bucket = data.Bucket(request.form)

    if bucket.new1 != bucket.new2:
        flash("De to løsner er ikke ens")
        return redirect(url_for('usermanager.renew_password', key=key))

    if bucket.new1 == "":
        flash("Du specificerede ikke et nyt løsen")
        return redirect(url_for('usermanager.renew_password', key=key))

    # The key is single-use: it is removed before the password changes.
    data.execute("DELETE FROM User_forgotten_password_keys WHERE key = ?", key)
    # The account is the one recorded with the key, never a posted value.
    account = key_row['username']
    update_password(account, bucket.new1)

    session['logged_in'] = True
    session['username'] = key_row['username']

    return redirect(url_front())
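def forgot_password(username):
    """Create a password-reset key for ``username`` and mail the reset link.

    The user must exist exactly once and have a non-empty e-mail address.
    A random key of ASCII letters and digits is stored in
    ``User_forgotten_password_keys`` with the username and the current time,
    and a link to ``usermanager.renew_password`` containing the key is sent
    to the user's address.

    Raises:
        Exception: ``"No such user/No valid email"`` when the user is
            unknown or has no e-mail address.
        psycopg2.IntegrityError: for any integrity error other than the
            duplicate-key message matched below.

    Changes from the previous version: the e-mail address is validated
    before a key is stored (so no unusable key is left behind), and the key
    is drawn from the operating system's CSPRNG.
    """
    user = data.execute("SELECT name, email from Users WHERE username = ?",
                        username)
    if len(user) != 1:
        raise Exception("No such user/No valid email")
    user = user[0]

    # Same message for both failure modes, as before.
    email = user['email']
    if email is None or email == '':
        raise Exception("No such user/No valid email")

    lower = config.USER_CREATION_KEY_MIN_LENGTH
    upper = config.USER_CREATION_KEY_MAX_LENGTH

    # The key authorises a password change, so it must be unpredictable:
    # SystemRandom uses the OS CSPRNG rather than the deterministic default
    # generator.
    rng = random.SystemRandom()
    length = rng.randrange(lower, upper)
    alphabet = string.ascii_letters + string.digits

    while True:
        key = ''.join(rng.choice(alphabet) for _ in range(length))
        try:
            b = data.Bucket()
            b.username = username
            b.key = key
            b.created = now()
            b >= "User_forgotten_password_keys"
            break
        except psycopg2.IntegrityError as e:
            # Retry only on a key collision; anything else is a real error.
            if e.pgerror.startswith(
                    'ERROR: duplicate key value violates unique constraint "user_forgotten_password_keys_pkey"'
            ):
                continue
            raise

    url = config.URL + url_for("usermanager.renew_password", key=key)
    text = forgot_password_mail.format(name=user['name'], url=url)
    mail.send(email, "Glemt løsen", text)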
def change_password():
    """Change the logged-in user's password after re-checking the old one.

    A non-POST request renders the three-field password form.  A POST
    carrying ``cancel`` flashes a notice and returns to the settings page.
    Any other POST verifies the ``current`` field against the stored
    password (logging the user out on mismatch), checks that the two new
    fields agree and are non-empty, updates the password and redirects to
    the settings page.
    """
    if request.method != "POST":
        builder = html.WebBuilder()
        builder.form()
        builder.formtable()
        builder.password("current", "Nuværende løsen")
        builder.password("new1", "Nyt løsen")
        builder.password("new2", "Gentag nyt løsen")
        rendered_form = builder.create()
        return render_template("form.html", form=rendered_form)

    if 'cancel' in request.form:
        flash(escape("Ændringer annulleret"))
        return redirect(url_for('usermanager.settings'))

    # The account is taken from the session, never from the posted form.
    username = session["username"]
    stored_rows = data.execute(
        "SELECT password FROM Users WHERE username = ?", username)
    stored_password = stored_rows[0]['password']

    bucket = data.Bucket(request.form)

    # A wrong current password ends the session instead of allowing retries.
    if not password.check(bucket.current, stored_password):
        return logout()

    if bucket.new1 != bucket.new2:
        flash("De to løsner er ikke ens")
        return redirect(url_for('usermanager.change_password'))

    if bucket.new1 == "":
        flash("Du specificerede ikke et nyt løsen")
        return redirect(url_for('usermanager.change_password'))

    update_password(username, bucket.new1)

    return redirect(url_for('usermanager.settings'))
def add_to_rustour(m_id):
    """Assign every rus of a mentor team to one rustour.

    A non-POST request renders ``form.html`` with a select of this year's
    tours (the option value is the tour's ``t_id``).  A POST carrying
    ``cancel`` flashes a notice and returns to the mentor team page.  Any
    other POST sets ``rustour`` to the posted ``tour_name`` value on every
    ``Russer`` row whose ``mentor`` is ``m_id`` and returns to the mentor
    team page.

    NOTE(review): the posted tour id is not compared with the tours offered
    in the select; confirm the database rejects unknown ids.
    """
    if request.method != "POST":
        tour_rows = data.execute("SELECT * FROM Tours WHERE year = ?", rkgyear())
        choices = []
        for tour in tour_rows:
            choices.append((tour['t_id'], tour['tour_name']))

        builder = html.WebBuilder()
        builder.form()
        builder.formtable()
        builder.select("tour_name", "Tildel rustur", choices)
        rendered_form = builder.create()
        return render_template("form.html", form=rendered_form)

    if 'cancel' in request.form:
        flash(escape("Ingen ændringer"))
        return redirect(url_for('mentorteams.mentorteam', m_id=m_id))

    bucket = data.Bucket(request.form)

    members = data.execute("SELECT r_id FROM Russer WHERE mentor = ?", m_id)
    assignments = []
    for member in members:
        assignments.append((bucket.tour_name, member['r_id']))
    data.executemany("UPDATE Russer SET rustour = ? WHERE r_id = ?", assignments)

    # The message has no placeholder, so format() leaves it unchanged.
    flash("Alle russer på mentorholdet er blevet sat på rustur".format(bucket.tour_name))
    return redirect(url_for("mentorteams.mentorteam", m_id=m_id))
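def rus(r_id):
    """Show or save the record of a single rus.

    A non-POST request loads the ``Russer`` row ``r_id`` together with the
    tours, duty teams, mentor teams, friends and known tutors needed for the
    form and renders ``rusmanager/rus.html``.

    A POST carrying ``cancel`` flashes a notice and returns to the overview.
    Any other POST writes the listed fields to the row, adds the submitted
    friends (``Friends``) and known tutors (``Friends_of_us``), and then
    redirects to the next or previous rus by name when the corresponding
    button was used, otherwise to the overview.

    Robustness fixes relative to the previous version, all on posted data:
    list entries without any token, friend ids that are not decimal, and a
    ``dutyteam`` id with no matching row no longer raise.
    """
    if request.method == "POST":
        if 'cancel' in request.form:
            flash(escape("Ændringer anulleret"))
            return redirect(url_for('rusmanager.overview'))

        b = data.Bucket(request.form)
        # Who filled the record in comes from the session, not the form.
        b.filled_by = session["username"]
        # Checkboxes are only present in the form data when ticked.
        b.can_contact = "can_contact" in request.form
        b.called = "called" in request.form
        # Bare attribute accesses are kept in their original order;
        # presumably they select the posted fields to write -- confirm
        # against data.Bucket.
        b.name
        b.gender
        b.birthday = nonify(b.birthday)
        b.co
        b.address
        b.zipcode
        b.city
        b.move_time
        b.new_address
        b.new_zipcode
        b.new_city
        b.phone
        b.email
        b.vacation
        b.priority
        b.gymnasium
        b.since_gymnasium
        b.supplementary_exams
        b.merit
        b.code_experience
        b.special_needs
        b.plays_instrument
        b.other
        b.tshirt
        b.paid = "paid" in request.form
        b.attending_uniday = "attending_uniday" in request.form
        b.attending_campus = "attending_campus" in request.form
        b.attending_rustour = "attending_rustour" in request.form
        b.mentor = nonify(b.mentor)
        b.rustour = nonify(b.rustour)
        b.dutyteam = nonify(b.dutyteam)

        if b.dutyteam is not None:
            # A duty team is only kept when it belongs to the chosen tour.
            # An id with no row is treated the same way instead of raising
            # IndexError.
            team_rows = data.execute(
                "SELECT t_id FROM Dutyteams WHERE d_id = ?", b.dutyteam)
            if len(team_rows) == 0 or b.rustour != str(team_rows[0]['t_id']):
                b.dutyteam = None

        b >> ("UPDATE Russer SET $ WHERE r_id = ?", r_id)

        # Friends:
        # The second replace is a no-op as written; kept verbatim.
        friends = request.form['friends'].replace('"', '').replace('"', '')
        # Entries without any token are skipped; indexing [0] on them used
        # to raise IndexError.
        friend_tokens = (entry.split() for entry in re.split(r';\s', friends))
        friend_ids = [tokens[0] for tokens in friend_tokens if tokens]
        for friend in friend_ids:
            if not friend.isdecimal():
                # Not a row id; skipping avoids a ValueError from int().
                continue
            try:
                pair = data.Bucket()
                # Store each pair in one canonical order.
                pair.r_id1, pair.r_id2 = sorted((int(friend), int(r_id)))
                pair >= "Friends"
            except psycopg2.IntegrityError:
                # Deliberately best-effort, as before: presumably the pair
                # already exists or the id is unknown.
                pass

        # Friends of us:
        user_friends = request.form['user_friends'].replace('"', '').replace('"', '')
        user_tokens = (entry.split() for entry in re.split(r';\s', user_friends))
        user_friends = [tokens[0] for tokens in user_tokens if tokens]
        for friend in user_friends:
            try:
                link = data.Bucket()
                link.r_id = r_id
                link.username = friend
                link >= "Friends_of_us"
            except psycopg2.IntegrityError:
                # Deliberately best-effort, as before.
                pass

        flash("Rus opdateret")

        if "next" in request.form:
            russer = data.execute("SELECT r_id FROM Russer ORDER BY name ASC")
            russer = [str(row['r_id']) for row in russer]
            try:
                next_id = russer[russer.index(r_id) + 1]
                return redirect(url_for('rusmanager.rus', r_id=next_id))
            except (ValueError, IndexError):
                # Last rus or unknown id: fall through to the overview.
                pass

        if "previous" in request.form:
            russer = data.execute("SELECT r_id FROM Russer ORDER BY name ASC")
            russer = [str(row['r_id']) for row in russer]
            try:
                index = russer.index(r_id) - 1
                # A negative index would silently wrap to the end.
                if index < 0:
                    raise IndexError()
                previous = russer[index]
                return redirect(url_for('rusmanager.rus', r_id=previous))
            except (ValueError, IndexError):
                pass

        return redirect(url_for('rusmanager.overview'))

    rus_rows = data.execute("SELECT * FROM Russer WHERE r_id = ?", r_id)
    if len(rus_rows) == 0:
        return "Den rus findes ikke din spasser!"
    rus = rus_rows[0]

    year = rkgyear()

    tours = data.execute("SELECT * FROM Tours WHERE year = ?", year)
    tours = [(tour['t_id'], tour['tour_name']) for tour in tours]
    tours = [(None, "None")] + tours

    # NOTE(review): ``birthday`` is normalised here but never passed on;
    # the form is filled from ``rus`` alone -- confirm the intent.
    birthday = rus["birthday"]
    if birthday is None:
        birthday = ""
    elif isinstance(birthday, datetime.date):
        birthday = birthday.isoformat()

    dutyteams = data.execute("SELECT * FROM Dutyteams WHERE t_id = ?",
                             rus["rustour"])
    dutyteams = [(dutyteam['d_id'], dutyteam['name']) for dutyteam in dutyteams]
    dutyteams = [(None, "None")] + dutyteams

    mentors = data.execute("SELECT * FROM Mentorteams WHERE year = ?", year)
    mentors = [(mentor['m_id'], mentor['mentor_names']) for mentor in mentors]
    mentors = [(None, "None")] + mentors

    # Friends:
    # NOTE(review): names are interpolated as stored; whether
    # html.autocomplete_multiple escapes them is not visible here -- confirm.
    russer = data.execute("SELECT r_id, name FROM Russer WHERE r_id != ?", r_id)
    russer = ['\\"{0}\\" {1}'.format(other['r_id'], other['name'])
              for other in russer]

    friends = data.execute(
        "SELECT * FROM ((SELECT r_id2 as r_id FROM Friends WHERE r_id1 = ?) "
        "UNION (SELECT r_id1 as r_id FROM Friends where r_id2 = ?)) as a INNER JOIN Russer USING (r_id) ORDER BY Name",
        r_id, r_id)
    friends = ['"{0}" {1}; '.format(friend['r_id'], friend['name'])
               for friend in friends]
    friends = "".join(friends)

    # Friends of us:
    users = data.execute("SELECT username, name FROM Users WHERE deleted = ?",
                         False)
    users = ['\\"{0}\\" {1}'.format(user['username'], user['name'])
             for user in users]

    user_friends = data.execute("SELECT username, name FROM Friends_of_us INNER JOIN USERS Using (username) WHERE r_id = ?", r_id)
    user_friends = ['"{0}" {1}; '.format(friend['username'], friend['name'])
                    for friend in user_friends]
    user_friends = "".join(user_friends)

    gender = [("male", "Mand"), ("female", "Kvinde"), ("other", "andet")]

    wb = html.WebBuilder()
    wb.form()
    wb.formtable()
    wb.html(rus_icons(rus))
    wb.checkbox("can_contact", "Må kontaktes")
    wb.checkbox("called", "Opringet")
    wb.textfield("name", "Navn")
    wb.select("gender", "Køn", gender)
    wb.calendar("birthday", "Fødselsdag")
    wb.textfield("phone", "Tlf")
    wb.textfield("email", "email")
    wb.textfield("co", "co")
    wb.textfield("address", "Adresse")
    wb.textfield("zipcode", "Postnummer")
    wb.textfield("city", "By")
    wb.textfield("move_time", "Flyttedato")
    wb.textfield("new_address", "Ny adresse")
    wb.textfield("new_zipcode", "Nyt postnummer")
    wb.textfield("new_city", "Ny by")
    wb.textfield("vacation", "Ferie")
    wb.textfield("priority", "DIKU prioritet")
    wb.textfield("gymnasium", "Adgangsgivende eksamen (inkl. år)")
    wb.textfield("since_gymnasium", "Lavet efterfølgende")
    wb.textfield("supplementary_exams", "Tager du supplerende eksamener")
    wb.textfield("merit", "Merit")
    wb.textfield("code_experience", "Kode erfaring")
    wb.textfield("special_needs", "Specielle behov")
    wb.textfield("plays_instrument", "Spiller instrument")
    wb.textarea("other", "Andet")
    wb.checkbox("attending_uniday", "Deltager unidag")
    wb.checkbox("attending_campus", "Deltager campus")
    wb.checkbox("attending_rustour", "Deltager rustur")
    wb.select("mentor", "Mentorhold:", mentors)
    wb.select("rustour", "Skal på:", tours)
    wb.select("dutyteam", "Tjansehold:", dutyteams)
    wb.textfield("tshirt", "Tshirt størrelse")
    wb.checkbox("paid", "Betalt")
    wb.html(html.autocomplete_multiple(russer, "friends", default=friends),
            description="Tilføj bekendte russer")
    wb.html(html.autocomplete_multiple(users, "user_friends", default=user_friends),
            description="Tilføj bekendte vejledere")
    wb.html('<button type="submit" name="next" value="next">Gem og gå videre</button>')
    wb.html('<button type="submit" name="previous" value="previous">Gem og gå til forige</button>')
    form = wb.create(rus)
    return render_template("rusmanager/rus.html", form=form, name=rus['name'])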
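def settings(t_id):
    """Edit a rustour's details and its list of tutors.

    A non-POST request loads tour ``t_id`` (redirecting to the overview with
    a flash message when it does not exist) and renders
    ``rustours/settings.html``.  A POST carrying ``cancel`` redirects to the
    front page.  Any other POST updates the ``Tours`` row and then
    synchronises ``Tours_tutors`` with the submitted ``tutors`` field:
    usernames no longer listed are deleted, new ones are inserted.

    Raises:
        psycopg2.IntegrityError: when inserting a tutor fails; a flash
            message naming the tutor is queued first if the failure is the
            username foreign-key constraint.

    Fixes relative to the previous version: list entries without any token
    no longer raise IndexError, and the posted tutor name is HTML-escaped
    before it is placed in the flash message.
    """
    if request.method == "POST":
        if 'cancel' in request.form:
            return redirect(url_front())

        b = data.Bucket(request.form)
        # Bare attribute accesses kept as in the original; presumably they
        # select the posted fields to write -- confirm against data.Bucket.
        b.theme
        b.type
        b.notes
        if b.tour_name == "":
            b.tour_name = "Unavngiven rustur"
        if b.year.isdecimal():
            b.year = int(b.year)
        else:
            flash("Please enter a valid year")
            return html.back()
        b >> ("UPDATE Tours $ WHERE t_id = ?", t_id)

        # The second replace is a no-op as written; kept verbatim.
        raw_tutors = request.form['tutors'].replace('"', '').replace('"', '')
        # Entries without any token (empty or whitespace-only) are skipped.
        split_entries = (entry.split() for entry in re.split(r';\s', raw_tutors))
        tutors = [tokens[0] for tokens in split_entries if tokens]

        old = data.execute("SELECT username FROM Tours_tutors WHERE t_id = ?",
                           t_id)
        old = [tutor['username'] for tutor in old]

        for tutor in set(old) - set(tutors):
            data.execute(
                "DELETE FROM Tours_tutors WHERE t_id = ? and username = ?",
                t_id, tutor)
        for tutor in sorted(set(tutors) - set(old)):
            try:
                data.execute(
                    "INSERT INTO Tours_tutors(t_id, username) VALUES (?, ?)",
                    t_id, tutor)
            except psycopg2.IntegrityError as e:
                if e.pgerror.startswith(
                        'ERROR: insert or update on table "tours_tutors" violates foreign key constraint "tours_tutors_username_fkey"'
                ):
                    # ``tutor`` is posted text, so it is escaped before it
                    # can reach a rendered page.
                    flash("No tutor: " + escape(tutor))
                # Every integrity error propagates; none is dropped silently.
                raise
        return redirect(url_for('rustours.rustour', t_id=t_id))

    tours = data.execute("SELECT * FROM Tours WHERE t_id = ?", t_id)
    if len(tours) != 1:
        flash(escape("Den tur findes ikke"))
        return redirect(url_for("rustours.overview"))
    tour = tours[0]

    all_tutors = data.execute(
        "SELECT * FROM Users WHERE username IN (Select username from Group_users where groupname = 'rkg')"
    )
    all_tutors = ['\\"{0}\\" {1}'.format(tutor['username'], tutor['name'])
                  for tutor in all_tutors]
    all_tutors.sort()

    actual_tutors = data.execute(
        "SELECT * FROM Tours_tutors INNER JOIN Users USING(username) WHERE t_id = ?",
        t_id)
    actual_tutors = ['"{0}" {1}; '.format(tutor['username'], tutor['name'])
                     for tutor in actual_tutors]
    actual_tutors.sort()
    actual_tutors = "".join(actual_tutors)

    w = html.WebBuilder()
    w.form()
    w.formtable()
    w.textfield("tour_name", "Navn")
    w.textfield("theme", "Tema")
    w.textfield("year", "År")
    w.select("type", "Type", [('p', 'Pigetur'), ('t', 'Transetur'), ('m', 'Munketur')])
    w.html(html.autocomplete_multiple(all_tutors, "tutors", default=actual_tutors),
           description="Vejledere", value="abekat")
    w.textarea("notes", "Noter")
    form = w.create(tour)
    return render_template("rustours/settings.html", form=form, t_id=t_id)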
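def modify_book(b_id):
    """Edit a book's title, description and participant list.

    A non-POST request loads book ``b_id`` with all users and the current
    participants and renders ``form.html``.  A POST carrying ``cancel``
    flashes a notice and returns to the book page.  Any other POST updates
    the ``Books`` row and synchronises ``Book_participants`` with the
    submitted ``users`` field: names no longer listed are deleted, new ones
    are inserted.

    Fixes relative to the previous version: list entries without any token
    no longer raise IndexError, and the leftover debug ``print`` that wrote
    the participants' usernames and names to standard output is removed.
    """
    if request.method == "POST":
        if 'cancel' in request.form:
            flash(escape("Ændringer annulleret"))
            return redirect(url_for("bookkeeper.book", b_id=b_id))

        # TOPIC: insert descriptors
        b = data.Bucket(request.form)
        b.title
        b.description
        b >> ("UPDATE Books $ WHERE b_id = ?", b_id)

        # TOPIC: fetch new participants
        # The second replace is a no-op as written; kept verbatim.
        raw_users = request.form['users'].replace('"', '').replace('"', '')
        # Entries without any token (empty or whitespace-only) are skipped.
        split_entries = (entry.split() for entry in re.split(r';\s', raw_users))
        usernames = [tokens[0] for tokens in split_entries if tokens]

        old = data.execute(
            "SELECT participant FROM Book_participants where b_id = ?", b_id)
        old = [u[0] for u in old]

        # TOPIC: update list of participants in database, deleting missing and inserting new
        for user in set(old) - set(usernames):
            data.execute(
                "DELETE FROM Book_participants where b_id = ? AND participant = ?",
                b_id, user)

        for user in sorted(set(usernames) - set(old)):
            data.execute(
                "INSERT INTO Book_participants(b_id, participant) VALUES (?, ?)",
                b_id, user)

        # TODO: maybe we should ensure no one with debts/outstandings is removed?
        return redirect(url_for("bookkeeper.book", b_id=b_id))

    book = data.execute("SELECT * FROM Books where b_id = ?", b_id)[0]

    raw_users = data.execute("SELECT username, name FROM Users")
    users = ['\\"{0}\\" {1}'.format(user['username'], user['name'])
             for user in raw_users]
    users.sort()

    # TODO: fill with current
    participants = data.execute(
        "SELECT * FROM Book_participants as B INNER JOIN Users as U ON B.participant = U.username WHERE b_id = ?",
        b_id)
    participants = ['"{0}" {1}; '.format(p['username'], p['name'])
                    for p in participants]
    participants.sort()
    participants = "".join(participants)

    w = html.WebBuilder()
    w.form()
    w.formtable()
    w.textfield("title", "Overskrift")
    w.textarea("description", "beskrivelse")
    w.html(html.autocomplete_multiple(users, "users", default=participants),
           description="Deltagere", value="abekat")
    form = w.create(book)
    return render_template("form.html", form=form)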
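def entry(b_id, e_id=None):
    """Create a new entry in a book, or edit an existing one.

    Args:
        b_id: Id of the book the entry belongs to.
        e_id: Id of the entry to edit; ``None`` creates a new entry.

    A non-POST request renders ``form.html`` with the entry's description,
    amount, date and creditor plus one share field per participant (named
    ``participant_<username>``).  A POST carrying ``cancel`` flashes a
    notice and returns to the book page.  Any other POST validates the
    description, amount, creditor and every share expression, writes the
    entry, replaces the entry's rows in ``Debts`` and returns to the book
    page.

    Fixes relative to the previous version:

    * The error message for a bad share referenced ``share``, which is
      unbound (or left over from an earlier field) when interpretation
      fails; it now reports the offending ``share_string``.
    * Shares are validated before the entry is written, so a rejected form
      no longer leaves a new or modified entry behind.
    * A creditor consisting only of whitespace is rejected instead of
      raising IndexError.
    * The posted debtor name and share text are HTML-escaped before they
      are placed in the flash message.
    """
    if request.method == "POST":
        if 'cancel' in request.form:
            flash(escape("Ændringer annulleret"))
            return redirect(url_for('bookkeeper.book', b_id=b_id))

        b = data.Bucket(request.form)
        if b.description == "":
            flash("Please enter a description")
            return html.back()
        b.amount_string
        # TODO: check for errors
        try:
            b.amount = expinterpreter.interpret_amount(b.amount_string)
        except expinterpreter.ExpinterpreterException:
            flash("invalid amount")
            return html.back()
        b.date
        # The second replace is a no-op as written; kept verbatim.
        b.creditor = b.creditor.replace('"', '').replace('"', '')
        creditor_tokens = b.creditor.split()
        if not creditor_tokens:
            # Covers both the empty string and whitespace-only input.
            flash("Please enter a creditor")
            return html.back()
        b.creditor = creditor_tokens[0]

        # EXPLANATION: ensure all 'share's are valid before any database modification
        # NOTE(review): debtor names come from form field names and are not
        # compared with Book_participants here -- confirm the database
        # constrains them.
        prefix = "participant_"
        debts = []
        for req in request.form.keys():
            if not req.startswith(prefix):
                continue
            debtor = req[len(prefix):]
            share_string = request.form[req]
            if share_string == "":
                continue
            try:
                # EXPLANATION: we store both the string and its result, if it evaluates to something meaningful
                share = expinterpreter.interpret(share_string)
            except expinterpreter.ExpinterpreterException:
                flash("Invalid expression in " + escape(debtor) + ": "
                      + escape(share_string))
                return html.back()
            debts.append((debtor, share_string, share))

        if e_id is None:
            b.b_id = b_id
            e_id = (b >= "Entries")["e_id"]
        else:
            b >> ("UPDATE Entries $ WHERE b_id = ? and e_id = ?", b_id, e_id)

        # TODO: The following is not harming, but is it necessary?
        # TODO: Think more about this line, is the previous statement true?
        # NOTE(review): the Debts rows are selected by e_id alone while the
        # Entries update also matches b_id; confirm e_id is known to belong
        # to b_id before this point.
        data.execute("DELETE FROM Debts WHERE e_id = ?", e_id)

        for debtor, share_string, share in debts:
            # NOTE: insert automaticly replaces old entries
            data.execute(
                "INSERT INTO Debts(e_id, debtor, share_string, share) VALUES (?, ?, ?, ?)",
                e_id, debtor, share_string, share)

        return redirect(url_for("bookkeeper.book", b_id=b_id))

    w = html.WebBuilder()
    w.form()
    w.formtable()
    if e_id is None:
        description = ""
        amount_string = ""
        date = ""
        creditor = session['username']
    else:
        entry = data.execute("SELECT * FROM Entries WHERE e_id = ?", e_id)[0]
        description = entry['description']
        amount_string = entry['amount_string']
        date = entry['date'].isoformat()
        creditor = entry['creditor']

    w.textfield("description", "Hvad", value=description)
    w.textfield("amount_string", "Beløb", value=amount_string)
    w.calendar("date", "Hvornår", value=date)

    participants = data.execute(
        "SELECT * FROM Book_participants as B INNER JOIN Users as U ON B.participant = U.username WHERE b_id = ?",
        b_id)
    participant_names = ['\\"{0}\\" {1}'.format(user['username'], user['name'])
                         for user in participants]
    w.html(html.autocomplete(participant_names, "creditor", default=creditor),
           description="Udlægger", value="abekat")

    # Extract users
    if e_id is None:
        previous_debtors = []
    else:
        previous_debtors = data.execute(
            "SELECT username, name, share_string FROM Debts as D INNER JOIN Users as U ON D.debtor = U.username WHERE e_id = ?",
            e_id)

    # Participants without a stored share get an empty share field.
    usernames = [debtor['username'] for debtor in previous_debtors]
    new_participants = [{
        'username': p['username'],
        'name': p['name'],
        'share_string': ''
    } for p in participants if p['username'] not in usernames]

    all_participants = previous_debtors + new_participants
    all_participants = sorted(all_participants, key=lambda x: x['username'])
    for user in all_participants:
        name = 'participant_{0}'.format(user['username'])
        description = '"{0}" {1}'.format(user['username'], user['name'])
        value = user['share_string']
        w.textfield(name, description, value=value)

    form = w.create()
    return render_template("form.html", form=form)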