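def getTableName(db):
    """Print the table chooser used by the option manager.

    Emits an HTML <SELECT NAME=table_name> listing every table from
    pg_tables whose name does not match 'pg_' and that has exactly one
    user column, followed by a "View Options" submit button. The entry
    equal to the submitted table_name form field, if any, is pre-selected.
    """
    print('Choose the set of options to manage:<BR>')
    tables = pmt_utils.executeSQL(
        db, "select tablename from pg_tables where tablename!~'pg_'")

    selected = ''
    if form.has_key('table_name'):
        selected = form['table_name'].value

    # A failed catalog query produces an empty chooser, not a traceback.
    rows = []
    if tables['status'] == 'success':
        rows = tables['result']

    print('<SELECT NAME=table_name>')
    for row in rows:
        name = row['tablename']
        # pg_attribute.attrelid refers to pg_class.oid. The earlier join on
        # relfilenode only matched while the two values happened to be equal.
        sql = "select count(*) from pg_attribute,pg_class "
        sql = sql + "where pg_attribute.attrelid=pg_class.oid "
        sql = sql + "and pg_class.relname='%s' and attnum>0" % name
        num_cols = pmt_utils.executeSQL(db, sql)
        if num_cols['status'] != 'success' or not num_cols['result']:
            continue
        if num_cols['result'][0]['count'] != 1:
            continue
        if name == selected:
            print('<OPTION SELECTED VALUE="%s">%s' % (name, name))
        else:
            print('<OPTION VALUE="%s">%s' % (name, name))
    print('</SELECT>')
    print('<INPUT NAME=submit VALUE="View Options" TYPE=submit>')
    print('<BR><BR>')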
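def doEdit():
    """Render the edit page for one project member and that member's privileges.

    Authenticates the caller with db_authentication.password_valid, loads the
    project_members row selected by the key_id form field, displays it as an
    editable form, then loads and displays the matching priviledges row.
    """
    def _sql_text(value):
        # Double backslashes and single quotes so the value stays inside its
        # '...' literal. NOTE(review): bound parameters would be preferable
        # if pmt_utils or the driver offers them — confirm.
        return str(value).replace('\\', '\\\\').replace("'", "''")

    status, table_data, db = pageInit('Edit', formJS=1)
    if status != 'success':
        message = "Could not connect to db.\n%s" % status
        exit(message)

    status, details = db_authentication.password_valid(
        db, crypt_salt=db_name, username=username, password=password)
    if status != 'success':
        exit(details)

    sqlStatement = pmt_utils.selectAllColumnsSqlStatement(
        table_data, 'project_members', form["key_id"].value)
    dbResult = pmt_utils.executeSQL(db, sqlStatement)
    if dbResult['status'] != 'success':
        message = "Could not get project member data.\n%s" % dbResult['message']
        exit(message)

    result = dbResult['result']
    table_data = pmt_utils.dbToTableData(table_data, 'project_members',
                                         result[0])
    pmt_utils.display_form(table_data, 'project_members', 1, 'useValues', 1, db)

    # Get user privileges and display them. The format string needs a %s
    # placeholder for the % operator to work; the username read back from
    # the database is escaped before it goes into the statement.
    sqlStatement = ("select * from priviledges where " +
                    "member_username='%s'" % _sql_text(
                        result[0]['member_username']))
    dbResult = pmt_utils.executeSQL(db, sqlStatement)
    if dbResult['status'] != 'success':
        message = "Could not get privileges from db.\n%s" % dbResult['message']
        exit(message, table_data, db)

    result = dbResult['result']
    table_data = pmt_utils.dbToTableData(table_data, 'priviledges', result[0])
    displayPriviledges(result[0], table_data)
    pmt_utils.alertsArea(form, "Project member data retrieved successfully")

    listing_url = '/%s-cgi-bin/project_members_admin.pyc?performDbQuery=1' % (
        db_name)
    help_url = '/%s/html/contactsum.html' % db_name
    pmt_utils.editFunctionButtons(form["key_id"].value, listing_url, help_url)

    # Hidden fields the page's form submits back.
    pmt_utils.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')
    pageEnd(table_data, db)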
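def doDelete():
    """Delete the inventory row named by the key_id form field, then re-list.

    Connects with the browser account from declarations.pmt_info,
    authenticates the caller, deletes the row, closes the connection and
    calls query_inventory(1).
    """
    dbResult = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
                                   declarations.pmt_info['browser_password'],
                                   declarations.pmt_info['db_name'])
    if dbResult['status'] != 'success':
        # NOTE(review): no `global onQueryLoad` is visible, so these
        # assignments bind a local name only — confirm the intent.
        onQueryLoad = 'displayWindow("Could not connect to the database")'
        message = "Could not connect to the database.\n%s" % dbResult['message']
        exit(message)
    db = dbResult['result']

    status, details = db_authentication.password_valid(
        db, crypt_salt=db_name, username=username, password=password)
    if status != 'success':
        exit(details)
    # NOTE(review): the caller is authenticated, but no delete privilege is
    # checked in this function — confirm that is enforced elsewhere.

    # Inventory ids come from a sequence, so anything that is not a plain
    # number is refused instead of being pasted into the statement.
    key_id = form["key_id"].value.strip()
    if not key_id.isdigit():
        onQueryLoad = "return displayWindow('Could not delete item data')"
    else:
        sqlStatement = "DELETE FROM inventory WHERE id = '%s'" % key_id
        dbResult = pmt_utils.executeSQL(db, sqlStatement)
        if dbResult['status'] != 'success':
            onQueryLoad = "return displayWindow('Could not delete item data')"
        else:
            onQueryLoad = "return displayWindow('Item data successfully deleted')"

    db.close()
    query_inventory(1)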
def doView():
    """Show one project member's contact record as a read-only page.

    Loads the project_members row selected by the key_id form field, marks
    the username and role read-only and the password field hidden, and
    renders the form with view buttons.

    NOTE(review): no db_authentication.password_valid call is made here;
    confirm access to this view is gated elsewhere.
    """
    status, table_data, db = pageInit('View', formJS=1)
    if status != 'success':
        exit("Could not connect to db.\n%s" % (status))

    # Fetch the member row.
    query = pmt_utils.selectAllColumnsSqlStatement(
        table_data, 'project_members', form["key_id"].value)
    outcome = pmt_utils.executeSQL(db, query)
    if outcome['status'] != 'success':
        exit("Unable to get member data from db.\n" + outcome['message'])

    # Copy the row into the form description and lock the sensitive fields.
    rows = outcome['result']
    table_data = pmt_utils.dbToTableData(table_data, 'project_members',
                                         rows[0])
    member_fields = table_data['project_members']
    member_fields['member_username']['display'] = 'read-only'
    member_fields['member_role']['display'] = 'read-only'
    member_fields['member_password']['display'] = 'Hidden'
    pmt_utils.display_form(table_data, 'project_members', editable=0)

    # Buttons and page footer.
    listing_url = '/%s-cgi-bin/contact_list.pyc?performDbQuery=1' % db_name
    pmt_utils.viewFunctionButtons(listing_url,
                                  '/%s/html/contactsum.html' % (db_name))
    pageEnd(table_data, db)
def doView():
    """Show one project member record on the member administration page.

    Loads the project_members row selected by the key_id form field and
    renders it through pmt_utils.display_form with view buttons.

    NOTE(review): no db_authentication.password_valid call is made here, and
    no field (including member_password) is marked hidden before
    display_form — confirm both are handled elsewhere.
    """
    status, table_data, db = pageInit('View', formJS=1)
    if status != 'success':
        exit("Could not connect to db.\n%s" % status)

    query = pmt_utils.selectAllColumnsSqlStatement(
        table_data, 'project_members', form["key_id"].value)
    outcome = pmt_utils.executeSQL(db, query)
    if outcome['status'] != 'success':
        exit("Unable to get project member data.\n%s" % outcome['message'],
             table_data, db)

    # Display user data
    rows = outcome['result']
    table_data = pmt_utils.dbToTableData(table_data, 'project_members',
                                         rows[0])
    pmt_utils.display_form(table_data, 'project_members', 0)

    # Add buttons and hidden fields
    pmt_utils.viewFunctionButtons(
        '/%s-cgi-bin/project_members_admin.pyc?performDbQuery=1' % (db_name),
        '/%s/html/contactsum.html' % db_name)
    pageEnd(table_data, db)
def doView():
    """Show one SPR item as a read-only questionnaire.

    Authenticates the caller, loads the spr row selected by the key_id form
    field, renders it read-only and adds the e-mail button row.
    """
    status, table_data, db = pageInit("View", formJS=1)
    if status != 'success':
        exit('Could not connect to db.\n%s' % status)

    status, details = db_authentication.password_valid(
        db, crypt_salt=db_name, username=username, password=password)
    if status != 'success':
        exit(details)

    query = pmt_utils.selectAllColumnsSqlStatement(
        table_data, 'spr', form["key_id"].value)
    outcome = pmt_utils.executeSQL(db, query)
    if outcome['status'] != 'success':
        exit("Item data could not be retrieved.\n" + outcome['message'])

    rows = outcome['result']
    table_data = pmt_utils.dbToTableData(table_data, 'spr', rows[0])
    display_questionnaire(db, table_data, 'read-only')

    emailButton(username,
                form['key_id'].value,
                '/%s-cgi-bin/spr_admin.pyc?performDbQuery=1' % (db_name),
                '/%s/html/sprsum.html' % (db_name))
    pageEnd(table_data, db)
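def doEdit():
    """Render the edit page for one ECP item.

    Authenticates the caller, loads the ecp row selected by the key_id form
    field, displays it as an editable questionnaire and writes the button
    row plus the hidden fields, including the current signature values.
    """
    status, table_data, db = pageInit("Edit", formJS=1)
    if status != 'success':
        message = "Could not connect to the database\n" + status
        # Was exit(message.table_data, db): an attribute lookup on a string,
        # which raised AttributeError instead of reporting the failure.
        exit(message, table_data, db)

    status, details = db_authentication.password_valid(
        db, crypt_salt=db_name, username=username, password=password)
    if status != 'success':
        exit(details, table_data, db)

    sqlStatement = pmt_utils.selectAllColumnsSqlStatement(
        table_data, 'ecp', form["key_id"].value)
    dbResult = pmt_utils.executeSQL(db, sqlStatement)
    if dbResult['status'] != 'success':
        message = "Could not retrieve item.\n" + dbResult['message']
        exit(message, table_data, db)

    result = dbResult['result']
    table_data = pmt_utils.dbToTableData(table_data, 'ecp', result[0])
    display_questionnaire(db, table_data, 'edit')
    pmt_utils.alertsArea(form, "Item data retrieved successfully")

    del_priv = pmt_utils.hasPriv(db, username, 'del_ecp')
    list_url = '/%s-cgi-bin/ecp_admin.pyc?performDbQuery=1' % (db_name)
    help_url = "/%s/html/ecp_intro.html" % db_name
    editFunctionButtons(form["key_id"].value, list_url, help_url, del_priv)

    pmt_utils.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')

    # NOTE(review): the signature values round-trip through hidden form
    # fields; confirm the save handler does not trust them as submitted.
    signature_fields = ('analyst_signature',
                        'swm_analysis_signature',
                        'swm_completion_signature',
                        'gccb_signature',
                        'ccb_signature',
                        'qa_completion_signature',
                        'test_completion_signature')
    for field in signature_fields:
        pmt_utils.textbox(None, field, table_data['ecp'][field]['value'],
                          '40', '40', None, None, 'hidden')
    pageEnd(table_data, db)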
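def doSave():
    """Save a project action item (PAI) and redisplay it for editing.

    Authenticates the caller. When the key_id form field is 'create', a new
    id is drawn from pai_id_seq and a notification is mailed to pai_list
    after the save; otherwise the existing row with that id is updated.
    """
    saveDueToCreate = 0
    status, table_data, db = pageInit('Save', formJS=1)
    if status != 'success':
        message = "Could not connect to db.\n" + status
        exit(message)

    status, details = db_authentication.password_valid(
        db, crypt_salt=db_name, username=username, password=password)
    if status != 'success':
        exit(details)

    if form["key_id"].value == 'create':
        saveDueToCreate = 1
        queryResult = pmt_utils.executeSQL(db, "SELECT NEXTVAL('pai_id_seq')")
        if queryResult['status'] != 'success':
            exit("Action item could not be saved.\n" + queryResult['message'])
        form["key_id"].value = repr(queryResult['result'][0]['nextval'])
    elif not form["key_id"].value.isdigit():
        # The id goes straight into the WHERE clause below; ids are sequence
        # values, so anything that is not a plain number is refused.
        exit("Action item could not be saved.\nInvalid item id")

    dbResult = pmt_utils.saveForm(table_data, db, form['key_id'].value, "pai",
                                  " WHERE id = '%s'" % form["key_id"].value,
                                  form)
    if dbResult['status'] != 'success':
        message = "Action item could not be saved.\n" + dbResult['message']
        exit(message)

    if saveDueToCreate:
        subject = 'New PAI #%s has been generated' % (form['key_id'].value)
        msg = "PAI #%s has been generated.\n\n" % form["key_id"].value
        msg = msg + "Assigned to: %s\n" % form['assigned_to'].value
        msg = msg + "Problem Description:\n%s" % form['action_required'].value
        msg = msg + "\n\nLog into the Project Action Item tracking tool at "
        msg = msg + "http://www.isrparc.org for further info.\n\n"
        msg = msg + "If you do not wish to be on this mailing list please "
        # NOTE(review): the address in the next line looks like an
        # obfuscation placeholder in this copy — restore the real one.
        msg = msg + "send an email requesting removal to [email protected].\n"
        pmt_utils.emailList(db, 'localhost', 'pai_list', subject, msg)

    table_data = pmt_utils.formToTableData(table_data, 'pai', form,
                                           form['key_id'].value)
    pmt_utils.display_form(table_data, 'pai', 1, 'useValues', 1, db)
    pmt_utils.alertsArea(form, "Action item successfully saved")

    # generate function button row
    listing_url = '/%s-cgi-bin/pai_admin.pyc?performDbQuery=1' % (db_name)
    help_url = '/%s/html/paisum.html' % (db_name)
    editFunctionButtons(form["key_id"].value, listing_url, help_url)

    # generate hidden fields for form
    pmt_utils.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')
    pageEnd(table_data, db)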
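def create_admin(db, site_name, admin_user, admin_pass):
    """Create the first administrator account for a site.

    Inserts the user into project_members with id 1, inserts a priviledges
    row granting user_admin, and advances project_members_id_seq once.
    Stops after the first statement that fails.

    NOTE(review): admin_pass is written to member_password exactly as
    given; no hashing happens in this function.
    """
    def _sql_text(value):
        # Double backslashes and single quotes so the value stays inside its
        # '...' literal; a quote in the password used to break the INSERT.
        # NOTE(review): bound parameters would be preferable if pmt_utils or
        # the driver offers them — confirm.
        return str(value).replace('\\', '\\\\').replace("'", "''")

    print("Creating %s admin..." % site_name)

    sqlStatement = ("INSERT INTO project_members (id, member_username, "
                    "member_password) VALUES ('1','%s','%s')" % (
                        _sql_text(admin_user), _sql_text(admin_pass)))
    result = pmt_utils.executeSQL(db, sqlStatement)
    if result['status'] != 'success':
        # Do not grant privileges to a name whose member row was not created.
        print("Could not create admin user: %s" % result['message'])
        return

    sqlStatement = ("INSERT INTO priviledges (member_username, user_admin) "
                    "VALUES ('%s','%s')" % (_sql_text(admin_user), 't'))
    result = pmt_utils.executeSQL(db, sqlStatement)
    if result['status'] != 'success':
        print("Could not grant admin privileges: %s" % result['message'])
        return

    # Advance the sequence so the next member does not collide with id 1.
    pmt_utils.executeSQL(db, "SELECT NEXTVAL('project_members_id_seq')")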
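def doDelete():
    """Delete a project member, its password-file entry and its privileges.

    Looks up the username for the id in the key_id form field, deletes the
    project_members row, removes the entry from /var/www/admin/<db>.passwd,
    deletes the priviledges row, then re-lists the members.

    NOTE(review): no db_authentication.password_valid call or privilege
    check is made in this function — confirm access is gated elsewhere.
    """
    def _sql_text(value):
        # Double backslashes and single quotes so the value stays inside its
        # '...' literal. NOTE(review): bound parameters would be preferable
        # if pmt_utils or the driver offers them — confirm.
        return str(value).replace('\\', '\\\\').replace("'", "''")

    dbResult = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
                                   declarations.pmt_info['browser_password'],
                                   declarations.pmt_info['db_name'])
    if dbResult['status'] != 'success':
        message = 'Could not connect to the database.\n%s' % dbResult['message']
        # NOTE(review): no `global onQueryLoad` is visible, so these
        # assignments bind a local name only — confirm the intent.
        onQueryLoad = "displayWindow('%s')" % message
        exit(message)
    db = dbResult['result']

    # Member ids are sequence values; refuse anything else before it reaches
    # the SELECT and DELETE statements below.
    key_id = form['key_id'].value.strip()
    if not key_id.isdigit():
        message = 'Could not delete project member data'
        onQueryLoad = "return displayWindow('%s')" % message
        exit(message)

    sql = "SELECT member_username FROM project_members "
    sql = sql + "WHERE id = '%s'" % key_id
    dbResult = pmt_utils.executeSQL(db, sql)
    # An unknown id returns no rows; treat it like a failed lookup.
    if dbResult['status'] != 'success' or not dbResult['result']:
        # The original assigned to a misspelled name here, leaving `message`
        # unbound on this path.
        message = 'Could not delete project member data'
        onQueryLoad = "return displayWindow('%s')" % message
        exit(message)

    member_name = string.strip(dbResult['result'][0]['member_username'])

    sql = "DELETE FROM project_members WHERE id = '%s'" % key_id
    dbResult = pmt_utils.executeSQL(db, sql)

    passwd_file = '/var/www/admin/%s.passwd' % (db_name)
    deleteUserStatus, output = authentication.delete_pwd_entry(passwd_file,
                                                               member_name)
    if (dbResult['status'] != 'success') or (deleteUserStatus != 'success'):
        message = 'Could not delete project member data'
        onQueryLoad = "return displayWindow('%s')" % message
        exit(message)

    # The format string needs a %s placeholder for the % operator to work.
    sql = "DELETE FROM priviledges WHERE member_username='%s'" % _sql_text(
        member_name)
    pmt_utils.executeSQL(db, sql)

    message = 'Project member data successfully deleted'
    onQueryLoad = "return displayWindow('%s')" % message
    db.close()
    query_project_members(1)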
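def update_username_password(db, username, password, crypt_salt):
    """Set member_password for the given member_username.

    Returns ('success', 'Password updated') when the UPDATE statement runs,
    and ('error', 'Username not found') when it fails. crypt_salt is
    accepted but not used.

    NOTE(review): the password is written exactly as passed in; no hashing
    happens in this function. Success is also reported when the statement
    runs but matches no row.
    """
    def _sql_text(value):
        # Double backslashes and single quotes so the value stays inside its
        # '...' literal. NOTE(review): bound parameters would be preferable
        # if pmt_utils or the driver offers them — confirm.
        return str(value).replace('\\', '\\\\').replace("'", "''")

    # Both format strings need a %s placeholder for the % operator to work.
    sql = "UPDATE project_members SET member_password = '%s' " % _sql_text(
        password)
    sql = sql + "WHERE member_username = '%s'" % _sql_text(username)
    dbResult = pmt_utils.executeSQL(db, sql)
    if dbResult['status'] != 'success':
        return ('error', 'Username not found')
    return ('success', 'Password updated')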
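def addOption(db):
    """Insert the to_add form value into the table named by table_name.

    Returns the database error message on failure, or a confirmation
    message on success.
    """
    import re

    option = form['to_add'].value
    table = form['table_name'].value

    # The table name is used as an SQL identifier and cannot be quoted as a
    # value, so only plain identifiers are accepted.
    # NOTE(review): this is a syntactic check only; it does not confine the
    # request to option tables. Checking against the list the table chooser
    # offers would be stricter.
    if not re.match(r'[A-Za-z_][A-Za-z0-9_]*\Z', table):
        return "Invalid table name"

    # Double backslashes and single quotes so the option stays inside its
    # '...' literal. NOTE(review): bound parameters would be preferable if
    # pmt_utils or the driver offers them — confirm.
    quoted = str(option).replace('\\', '\\\\').replace("'", "''")
    sqlStatement = "insert into %s values ('%s')" % (table, quoted)
    add = pmt_utils.executeSQL(db, sqlStatement)
    if add['status'] != 'success':
        return add['message']
    return "The option '%s' has been added to %s" % (option, table)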
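def deleteOption(db):
    """Delete the to_delete form value from the table named by table_name.

    The column compared against is taken from the key form field. Returns
    the database error message on failure, or a confirmation message on
    success.
    """
    import re

    option = form['to_delete'].value
    table = form['table_name'].value
    key = form['key'].value

    # Table and column names are used as SQL identifiers and cannot be
    # quoted as values, so only plain identifiers are accepted.
    # NOTE(review): this is a syntactic check only; it does not confine the
    # request to option tables. Checking against the list the table chooser
    # offers would be stricter.
    identifier = re.compile(r'[A-Za-z_][A-Za-z0-9_]*\Z')
    if not identifier.match(table):
        return "Invalid table name"
    if not identifier.match(key):
        return "Invalid column name"

    # Double backslashes and single quotes so the option stays inside its
    # '...' literal. NOTE(review): bound parameters would be preferable if
    # pmt_utils or the driver offers them — confirm.
    quoted = str(option).replace('\\', '\\\\').replace("'", "''")
    sqlStatement = "delete from %s where %s='%s'" % (table, key, quoted)
    delete = pmt_utils.executeSQL(db, sqlStatement)
    if delete['status'] != 'success':
        return delete['message']
    return "The option '%s' has been removed from %s" % (option, table)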
def doEdit():
    """Render the edit page for one inventory item.

    Authenticates the caller, loads the inventory row selected by the
    key_id form field, displays it as an editable questionnaire and writes
    the hidden fields and button rows, with a "Return to PO" button when
    the return_to_po form field is present.

    NOTE(review): po_id is written into an HTML attribute and a JavaScript
    URL without escaping — confirm it is always numeric.
    """
    status, table_data, db = pageInit("Edit", formJS=1)
    if status != 'success':
        exit("Could not connect to the database.\n" + status)

    status, details = db_authentication.password_valid(
        db, crypt_salt=db_name, username=username, password=password)
    if status != 'success':
        exit(details)

    query = pmt_utils.selectAllColumnsSqlStatement(
        table_data, 'inventory', form["key_id"].value)
    outcome = pmt_utils.executeSQL(db, query)
    if outcome['status'] != 'success':
        exit("Could not retrieve item to edit.\n" + outcome['message'])

    rows = outcome['result']
    table_data = pmt_utils.dbToTableData(table_data, 'inventory', rows[0])
    display_questionnaire(db, table_data, 'edit')
    pmt_utils.alertsArea(form, "Item data retrieved successfully")

    signature = table_data['inventory']['prop_id_assigned_by_signature'][
        'value']
    pmt_utils.textbox(None, 'prop_id_assigned_by_signature', signature,
                      '40', '40', None, None, 'hidden')

    listing_url = '/%s-cgi-bin/inv_admin.pyc?performDbQuery=1' % (db_name)
    help_url = '/%s/html/sprsum.html' % (db_name)

    po_id = table_data['inventory']['po_id']['value']
    print('<input type=hidden name=po_id value="%s">' % po_id)
    if form.has_key("return_to_po"):
        print('<input type=hidden name=return_to_po value=1>')
        target = "return goto_url('/%s-cgi-bin/po_admin.pyc?action=edit&key_id=%s')" % (
            db_name, table_data['inventory']['po_id']['value'])
        button = '<INPUT NAME="edit" type="button" value=" Return to PO " onClick="%s">' % target
        print('<BR><BR>')
        print(button)

    editFunctionButtons(form["key_id"].value, listing_url, help_url)

    # Hidden fields the page's form submits back.
    for field, width in (('key_id', '10'), ('action', '10'), ('item_no', '8')):
        pmt_utils.textbox(None, field, '', width, width, None, None, 'hidden')
    pageEnd(table_data, db)
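def listOptions(db):
    """Print a <SELECT> of the values in the table named by table_name.

    The first column of the first row is used as the key column; its name
    is emitted as a hidden "key" field next to a Delete button.
    """
    import cgi
    import re

    table = form['table_name'].value
    # The table name is used as an SQL identifier and cannot be quoted as a
    # value, so only plain identifiers are accepted.
    # NOTE(review): this is a syntactic check only; checking against the
    # list the table chooser offers would be stricter.
    if not re.match(r'[A-Za-z_][A-Za-z0-9_]*\Z', table):
        print("Invalid table name<BR><BR>")
        return

    options = pmt_utils.executeSQL(db, 'select * from %s' % table)
    # The key column is read from the first row, so an empty table used to
    # raise IndexError here.
    if options['status'] != 'success' or not options['result']:
        print("There are no options to choose from.<BR><BR>")
        return

    rows = options['result']
    key = rows[0].keys()[0]
    print("Choose from the following options:<BR>")
    print('<SELECT NAME=to_delete>')
    for row in rows:
        # Option values were entered through a form; escape them before
        # writing them back into the page.
        curr = cgi.escape(str(row[key]), 1)
        print('<OPTION VALUE="%s">%s' % (curr, curr))
    print('</SELECT>')
    print('<INPUT NAME=key VALUE="%s" TYPE=hidden>' % cgi.escape(str(key), 1))
    print('<INPUT NAME=delete VALUE="Delete" TYPE=submit>')
    print("<BR><BR>")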
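def username_exists(db, username):
    """Report whether project_members has a row for the given username.

    Returns ('success', 'Username found') when at least one row matches,
    and ('error', 'Username not found') when none matches or the query
    fails.
    """
    def _sql_text(value):
        # Double backslashes and single quotes so the value stays inside its
        # '...' literal. NOTE(review): bound parameters would be preferable
        # if pmt_utils or the driver offers them — confirm.
        return str(value).replace('\\', '\\\\').replace("'", "''")

    # The format string needs a %s placeholder for the % operator to work.
    sql = "SELECT count(*) FROM project_members "
    sql = sql + "WHERE member_username = '%s'" % _sql_text(username)
    dbResult = pmt_utils.executeSQL(db, sql)
    if dbResult['status'] != 'success':
        return ('error', 'Username not found')
    if dbResult['result'][0]['count'] > 0:
        return ('success', 'Username found')
    return ('error', 'Username not found')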
def doEdit():
    """Render the contact-list edit page for one project member.

    Authenticates the caller, loads the project_members row selected by the
    key_id form field, locks the username and role, hides the password
    field and displays the rest as an editable form.

    NOTE(review): nothing visible here ties key_id to the authenticated
    username — confirm whether members may edit records other than their own.
    """
    status, table_data, db = pageInit('Edit', formJS=0)
    if status != 'success':
        exit("Could not connect to db.\n%s" % status)

    status, details = db_authentication.password_valid(
        db, crypt_salt=db_name, username=username, password=password)
    if status != 'success':
        exit(details)

    query = pmt_utils.selectAllColumnsSqlStatement(
        table_data, 'project_members', form["key_id"].value)
    outcome = pmt_utils.executeSQL(db, query)
    if outcome['status'] != 'success':
        exit("Unable to get member data from db.\n" + outcome['message'])

    rows = outcome['result']
    table_data = pmt_utils.dbToTableData(table_data, 'project_members',
                                         rows[0])
    member_fields = table_data['project_members']
    member_fields['member_username']['display'] = 'read-only'
    member_fields['member_password']['display'] = 'Hidden'
    member_fields['member_role']['display'] = 'read-only'
    pmt_utils.display_form(table_data, 'project_members', 1, 'useValues', 1,
                           db)
    pmt_utils.alertsArea(form, "Member data retrieved successfully")

    editFunctionButtons(form['key_id'].value,
                        '/%s-cgi-bin/contact_list.pyc?performDbQuery=1' % db_name,
                        '/%s/html/contactsum.html' % (db_name))

    # Hidden fields the page's form submits back.
    for field, width in (('key_id', '10'), ('action', '10'), ('item_no', '8')):
        pmt_utils.textbox(None, field, '', width, width, None, None, 'hidden')
    pageEnd(table_data, db)
def doView():
    """Show one inventory item as a read-only questionnaire.

    Authenticates the caller, loads the inventory row selected by the
    key_id form field, renders it read-only with the e-mail button row, and
    adds a "Return to PO" button when the return_to_po form field is present.

    NOTE(review): po_id is written into an HTML attribute and a JavaScript
    URL without escaping — confirm it is always numeric.
    """
    status, table_data, db = pageInit("View", formJS=1)
    if status != 'success':
        exit('Could not connect to db.\n%s' % status)

    status, details = db_authentication.password_valid(
        db, crypt_salt=db_name, username=username, password=password)
    if status != 'success':
        exit(details)

    query = pmt_utils.selectAllColumnsSqlStatement(
        table_data, 'inventory', form["key_id"].value)
    outcome = pmt_utils.executeSQL(db, query)
    if outcome['status'] != 'success':
        exit("Item data could not be retrieved.\n" + outcome['message'])

    rows = outcome['result']
    table_data = pmt_utils.dbToTableData(table_data, 'inventory', rows[0])
    display_questionnaire(db, table_data, 'read-only')

    emailButton(username,
                form['key_id'].value,
                '/%s-cgi-bin/inv_admin.pyc?performDbQuery=1' % (db_name),
                '/%s/html/sprsum.html' % (db_name))

    po_id = table_data['inventory']['po_id']['value']
    print('<input type=hidden name=po_id value="%s">' % po_id)
    if form.has_key("return_to_po"):
        print('<input type=hidden name=return_to_po value=1>')
        target = "return goto_url('/%s-cgi-bin/po_admin.pyc?action=edit&key_id=%s')" % (
            db_name, table_data['inventory']['po_id']['value'])
        button = '<INPUT NAME="view" type="button" value=" Return to PO " onClick="%s">' % target
        print('<BR><BR>')
        print(button)
    pageEnd(table_data, db)
def getAllUsers():
    """Return ('success', usernames) for every row in project_members.

    Returns ('error', None) and prints a message when the database cannot
    be initialised or the query fails.
    """
    # Connect to the database
    status, db = dbInit()
    if status != 'success':
        print("Unable to get users from database")
        return 'error', None

    # Get all users in the project
    outcome = pmt_utils.executeSQL(
        db, "select member_username from project_members;")
    if outcome['status'] != 'success':
        print("Unable to execute query for user list")
        return 'error', None

    # Build the list of usernames
    names = [row['member_username'] for row in outcome['result']]
    return 'success', names
def doEdit():
    """Render the edit page for one project action item (PAI).

    Authenticates the caller, loads the pai row selected by the key_id form
    field, displays it as an editable form and writes the button row (with
    the caller's del_pai privilege) and the hidden fields.
    """
    status, table_data, db = pageInit('Edit', formJS=1)
    if status != 'success':
        exit("Could not connect to the database.\n" + status)

    status, details = db_authentication.password_valid(
        db, crypt_salt=db_name, username=username, password=password)
    if status != 'success':
        exit(details)

    query = pmt_utils.selectAllColumnsSqlStatement(
        table_data, 'pai', form["key_id"].value)
    outcome = pmt_utils.executeSQL(db, query)
    if outcome['status'] != 'success':
        exit("Could not retrieve action item to edit.\n" + outcome['message'])

    rows = outcome['result']
    table_data = pmt_utils.dbToTableData(table_data, 'pai', rows[0])
    pmt_utils.display_form(table_data, 'pai', 1, 'useValues', 1, db)
    pmt_utils.alertsArea(form, "Action item data retrieved successfully")

    listing_url = '/%s-cgi-bin/pai_admin.pyc?performDbQuery=1' % (db_name)
    help_url = '/%s/html/pai_intro.html' % (db_name)
    may_delete = pmt_utils.hasPriv(db, username, 'del_pai')
    editFunctionButtons(form["key_id"].value, listing_url, help_url,
                        may_delete)

    # Hidden fields the page's form submits back.
    for field, width in (('key_id', '10'), ('action', '10'), ('item_no', '8')):
        pmt_utils.textbox(None, field, '', width, width, None, None, 'hidden')
    pageEnd(table_data, db)
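def password_valid(db, crypt_salt, username, password):
    """Check a username and password digest against project_members.

    Returns a (status, details) pair: ('success', 'Username/password valid')
    when the SHA-1 digest of the stored member_password equals `password`,
    otherwise ('error', <reason>). crypt_salt is accepted but not used.

    NOTE(review): the stored value is hashed at comparison time, which
    suggests it is kept unhashed in the table — confirm. The digest is
    unsalted and is compared with ==, which is not a constant-time check.
    The distinct 'Username not found' and 'Invalid password' details also
    tell a caller which usernames exist.
    """
    def _sql_text(value):
        # Double backslashes and single quotes so the value stays inside its
        # '...' literal. NOTE(review): bound parameters would be preferable
        # if pmt_utils or the driver offers them — confirm.
        return str(value).replace('\\', '\\\\').replace("'", "''")

    status, details = username_exists(db, username)
    if status != 'success':
        return ('error', 'Username not found')

    # The format string needs a %s placeholder for the % operator to work.
    sql = "SELECT member_password FROM project_members "
    sql = sql + "WHERE member_username = '%s'" % _sql_text(username)
    dbResult = pmt_utils.executeSQL(db, sql)
    # The row can disappear between the existence check and this query.
    if dbResult['status'] != 'success' or not dbResult['result']:
        return ('error', 'Username/password not valid')

    # Renamed from `hash`, which shadowed the builtin.
    stored_digest = sha.new(dbResult['result'][0]['member_password']).digest()
    if stored_digest == password:
        return ('success', 'Username/password valid')
    return ('error', 'Invalid password')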
pmt_utils.mainHeading('Send Email') print '<hr>' db = pmt_utils.connectDB(declarations.pmt_info['browser_username'], declarations.pmt_info['browser_password'], declarations.pmt_info['db_name']) if db['status'] != 'success': print "Cannot connect to database" sys.exit else: db = db['result'] sql = "select email from project_members " sql = sql + "where member_username='******'" % username email = pmt_utils.executeSQL(db, sql) sql = "select * from %s " % form['table'].value sql = sql + "where id='%s'" % form['key'].value data = pmt_utils.executeSQL(db, sql) displayEmail(form['table'].value, data['result'][0], email['result'][0]['email']) elif form.has_key('project') and form.has_key('fullpath'): # from list_docs.py: get recipient, subject, and content db = pmt_utils.connectDB(declarations.pmt_info['browser_username'], declarations.pmt_info['browser_password'], declarations.pmt_info['db_name']) if db['status'] != 'success':
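def doSave():
    """Save a project member and its privileges, then redisplay the record.

    When the key_id form field is 'create', the username is checked for
    duplicates and a new id is drawn from project_members_id_seq. The
    member and privilege rows are saved, the htpasswd file for the site is
    updated, and a new user is e-mailed the account details.

    NOTE(review): no db_authentication.password_valid call or privilege
    check is made in this function — confirm access is gated elsewhere.
    """
    def _sql_text(value):
        # Double backslashes and single quotes so the value stays inside its
        # '...' literal. NOTE(review): bound parameters would be preferable
        # if pmt_utils or the driver offers them — confirm.
        return str(value).replace('\\', '\\\\').replace("'", "''")

    status, table_data, db = pageInit('Save', formJS=1)
    if status != 'success':
        message = "Could not connect to db.\n%s" % status
        exit(message)

    member_name = form['member_username'].value
    # Every statement below that names the member uses the escaped form; the
    # format strings also need a %s placeholder for the % operator to work.
    member_name_sql = _sql_text(member_name)

    create = 'false'
    if form["key_id"].value == 'create':
        create = 'true'
        # check for duplicate username
        sql = "select id from project_members "
        sql = sql + "where member_username='%s'" % member_name_sql
        dupResult = pmt_utils.executeSQL(db, sql)
        if dupResult['status'] != 'success':
            exit("Project member could not be saved.\n" + dupResult['message'],
                 table_data, db)
        if len(dupResult['result']) != 0:
            msg = "The specified username '%s' " % member_name
            msg = msg + 'is already in use.'
            exit(msg)
        # update the member id
        sql = "SELECT NEXTVAL('project_members_id_seq')"
        queryResult = pmt_utils.executeSQL(db, sql)
        if queryResult['status'] != 'success':
            message = "Unable to retrieve project member id"
            exit(message, table_data, db)
        form["key_id"].value = repr(queryResult['result'][0]['nextval'])
        form['id'].value = form['key_id'].value
    elif not form["key_id"].value.isdigit():
        # The id goes straight into the WHERE clause below; ids are sequence
        # values, so anything that is not a plain number is refused.
        exit("Project member could not be saved.\nInvalid member id",
             table_data, db)

    # save member data to project_members table in db
    dbResult = pmt_utils.saveForm(table_data, db, form['key_id'].value,
                                  "project_members",
                                  " WHERE id = '%s'" % form["key_id"].value,
                                  form)
    if dbResult['status'] != 'success':
        message = "Project member could not be saved.\n" + dbResult['message']
        exit(message, table_data, db)

    # save privileges to privileges table in db
    whereStr = " WHERE member_username='%s'" % member_name_sql
    dbResult = pmt_utils.saveForm(table_data, db, member_name, "priviledges",
                                  whereStr, form)
    if dbResult['status'] != 'success':
        message = "Unable to save member privileges.\n%s" % dbResult['message']
        exit(message, table_data, db)

    # Display the user information
    table_data = pmt_utils.formToTableData(table_data, 'project_members',
                                           form, form['key_id'].value)
    pmt_utils.display_form(table_data, 'project_members', 1, 'useValues', 1,
                           db)

    # Display the user's privileges
    sql = "select * from priviledges "
    sql = sql + "where member_username='%s'" % member_name_sql
    dbResult = pmt_utils.executeSQL(db, sql)
    if dbResult['status'] != 'success':
        message = "Could not get member privileges.\n%s" % dbResult['message']
        exit(message)
    result = dbResult['result']
    table_data = pmt_utils.dbToTableData(table_data, 'priviledges', result[0])
    displayPriviledges(result[0], table_data)
    pmt_utils.alertsArea(form, "Project member successfully saved")

    # Add the username and password to the .passwd file or htaccess. This
    # runs on every save, not only on create. Each argument is shell-quoted
    # with commands.mkarg, because the command line is handed to a shell and
    # the username and password come from the form.
    # NOTE : Use the form data here since an admin's cookie is logged in
    # NOTE(review): `-b` puts the password on the command line, where other
    # local users can see it in the process list.
    command = '/usr/bin/htpasswd -b'
    command = command + commands.mkarg('/var/www/admin/%s.passwd' % db_name)
    command = command + commands.mkarg(member_name)
    command = command + commands.mkarg(form['member_password'].value)
    status, output = commands.getstatusoutput(command)

    if create == 'true':
        # Send an email to the new user
        db_label = string.upper(db_name)
        if db_label == 'SAVE':
            db_label = "IFCS"
        if db_label == "BUAV":
            db_label = "FCST"
        if db_label == "CUAV":
            db_label = "PADV"
        msg = "A new user account has been created for you "
        msg = msg + "on the %s site at www.isrparc.org.\n\n" % string.upper(
            db_label)
        # NOTE : Use the form data here since an admin's cookie is logged in
        # NOTE(review): the password is mailed in clear text.
        msg = msg + "Username: %s\n" % member_name
        msg = msg + "Password: %s" % form['member_password'].value
        # NOTE(review): the sender address appears masked in this copy.
        pmt_utils.send_email('localhost', '*****@*****.**',
                             [form['email'].value], "New User Account", msg)

    # Add buttons and hidden fields
    listing_url = '/%s-cgi-bin/project_members_admin.pyc?performDbQuery=1' % (
        db_name)
    help_url = '/%s/html/contactsum.html' % db_name
    pmt_utils.editFunctionButtons(form["key_id"].value, listing_url, help_url)
    pmt_utils.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')
    pageEnd(table_data, db)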
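def getPermissionLists():
    """Return the allowed and refused user lists for a document.

    Reads "<filename>.perm" next to the file named by the filename form
    field: the first line may carry the owner after a colon, the remaining
    lines are allowed usernames. Every project member not listed is
    refused. When no .perm file exists yet, every member is returned as
    allowed. Returns (status, allowedUsers, refusedUsers), or
    ("error", None, None) after printing a message.

    NOTE(review): the path comes straight from the form and is not confined
    to any directory before os.path.exists and open are called on it —
    confirm callers restrict it.
    """
    import cgi

    filename = form['filename'].value
    status, db = dbInit()
    if status != 'success':
        print("Initialization Error")
        return "error", None, None

    if not os.path.exists(filename):
        # The name is echoed into the page, so it is HTML-escaped first.
        print("Specified file could not be found: %s" % cgi.escape(filename, 1))
        return "error", None, None

    relative_filename = cgi.escape(os.path.split(filename)[1], 1)
    perm_path = "%s.perm" % filename
    if os.path.exists(perm_path):
        print("<H2>Loading permissions for %s</H2>" % relative_filename)
        new_permissions = 0
    else:
        print("<H2>Creating permissions for %s</H2>" % relative_filename)
        new_permissions = 1

    if new_permissions:
        # First time permissions are set: nobody is listed yet.
        owner = "None"
        allowedUsers = []
    else:
        permFile = open(perm_path, 'r')
        try:
            owner = permFile.readline()
            allowedUsers = permFile.readlines()
        finally:
            permFile.close()
        if string.find(owner, ':') >= 0:
            owner = string.strip(string.split(owner, ":")[1])
        else:
            # No owner line: the first line is an ordinary username.
            allowedUsers.append(owner)
            owner = "None"
        # Strip the line ending only. Slicing off the last character
        # truncated the final name when the file had no trailing newline.
        allowedUsers = [name.rstrip('\r\n') for name in allowedUsers]

    print("<CENTER>Owner: %s</CENTER><BR>" % cgi.escape(owner, 1))

    # Build list of refused users
    result = pmt_utils.executeSQL(
        db, "select member_username from project_members;")
    if result['status'] != 'success':
        print("Error fetching user list")
        return "error", None, None

    refusedUsers = [row['member_username'] for row in result['result']
                    if row['member_username'] not in allowedUsers]
    refusedUsers.sort()
    allowedUsers.sort()

    if new_permissions:
        # Without a permissions file everyone is allowed: allowedUsers is
        # empty and refusedUsers holds all members, so return them swapped.
        return "success", refusedUsers, allowedUsers
    return "success", allowedUsers, refusedUsers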
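def doCsv():
    """Export project member contacts as a Palm Desktop import file.

    Queries project_members, prints a download link, the import
    instructions and the comma-separated lines, and writes the same lines
    to /home/<db_name>/html/address_book.dat.

    NOTE(review): no authentication call is made here and the export is
    written under the site's html directory — confirm the web server
    restricts access to it. Field values are joined with commas and printed
    inside <PRE> without quoting or escaping.
    """
    # Setup the javascript and html, connect to the db
    subHeading = 'Address Book (Palm Desktop Import File)'
    status, table_data, db = pageInit(subHeading, formJS=0)
    if status != 'success':
        message = "Couldn't connect to db.\n%s" % (status)
        exit(message)

    # Get project member contact info
    sql = ("SELECT first_name, last_name, email, company_name, "
           "address_line_1, address_line_2, city, state, zip, "
           "phone_number_voice, phone_extension, "
           "cell_phone_number, phone_number_fax "
           "from project_members ORDER by last_name, first_name")
    queryResult = pmt_utils.executeSQL(db, sql)
    if queryResult["status"] != 'success':
        # Was dbResult['message'], a name never assigned in this function,
        # so the failure path raised NameError instead of reporting.
        message = "Query failed.\n" + queryResult['message']
        exit(message)
    result = queryResult['result']

    # Display a link to the file and a listing of the data itself
    url = '/%s/html/%s' % (urllib.quote(db_name), 'address_book.dat')
    print('<BR><BR><a href="%s">' % url)
    print('Palm Desktop Address Book Import File ')
    print('(Right Click Here and select ')
    print('"Save Link As" to download)</a>')
    print('<BR><BR><B>You should configure Palm Desktop Tools ')
    print('to import the Address Book with a comma used as the ')
    print('field deliminter and with the following order of the ')
    print('fields for each address entry:</B>')
    print('<TABLE BORDER>')
    print('<TR><TD>First Name</TD><TD>Last Name</TD>')
    print('<TD>Company Name</TD><TD>Address</TD><TD>City</TD>')
    print('<TD>State</TD><TD>Zip Code</TD><TD>Work</TD>')
    print('<TD>Fax</TD><TD>Mobile</TD><TD>E-Mail</TD></TR></TABLE>')
    print('<BR><B>The contents of this Address Book ')
    print('Import file follows:</B>')
    print('<PRE>')

    output_lines = []
    for row in result:
        ext = ''
        if string.strip(row['phone_extension']) != '':
            ext = ' x' + row['phone_extension']

        address = ''
        if string.strip(row['address_line_1']) != '':
            address = row['address_line_1']
            if string.strip(row['address_line_2']) != '':
                address = address + ' ' + row['address_line_2']

        outline = ','.join([row['first_name'],
                            row['last_name'],
                            row['company_name'],
                            address,
                            row['city'],
                            row['state'],
                            row['zip'],
                            row['phone_number_voice'] + ext,
                            row['phone_number_fax'],
                            row['cell_phone_number'],
                            row['email']])
        print(outline)
        output_lines.append(outline)

    # Write the contact data to a file
    output_filename = '/home/%s/html/address_book.dat' % db_name
    file_io.writeToFile(output_filename, output_lines)
    print('</PRE>')

    # Add buttons, hidden html form data, and company info
    queryFunctionButtons(0, '/%s/html/contactsum.html' % (db_name))
    pmt_utils.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')
    pageEnd(table_data, db)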
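def doSave():
    """Save the submitted inventory item and redisplay it in edit mode.

    When key_id is 'create', a new id is drawn from inventory_id_seq first.
    The form is then copied into table_data, the property-id signature
    fields are processed, the row is written with pmt_utils.saveForm and the
    edit page is printed again.
    """
    # Function-scope imports: used only to encode values echoed into HTML.
    import cgi
    import urllib

    saveDueToCreate = 0
    status, table_data, db = pageInit('Edit', formJS=1)
    if status != 'success':
        # The original format string ended in a bare '%', which raises
        # ValueError instead of reporting the connection failure.
        message = "Could not connect to db.\n%s" % status
        exit(message)

    status, details = db_authentication.password_valid(db,
                                                       crypt_salt=db_name,
                                                       username=username,
                                                       password=password)
    if status != 'success':
        exit(details)

    if form["key_id"].value == 'create':
        saveDueToCreate = 1
        queryResult = pmt_utils.executeSQL(
            db, "SELECT NEXTVAL('inventory_id_seq')")
        if queryResult['status'] != 'success':
            exit("Could not allocate a new item id.\n" +
                 queryResult['message'])
        # str() rather than backticks/repr(): a Python 2 long would
        # otherwise carry an 'L' suffix into the id.
        form["key_id"].value = str(queryResult['result'][0]['nextval'])

    # key_id arrives from the browser and is pasted into the WHERE clause
    # below. Ids are drawn from inventory_id_seq, so anything that is not a
    # plain number is refused before it can reach the SQL text.
    key_id = form["key_id"].value
    if not key_id.isdigit():
        exit("Invalid item id.")

    table_data = pmt_utils.formToTableData(table_data, 'inventory', form,
                                           key_id)
    alerts = ''

    data = pmt_utils.process_signature(
        db, form['prop_id_assigned_by_username'].value,
        form['prop_id_assigned_by_password'].value, 'Property ID Authority',
        form['prop_id_assigned_by_signature'].value,
        form['prop_id_assigned_by_sig_func'].value)
    # NOTE(review): status and details returned by process_signature are
    # unpacked here but never examined before the save - confirm whether a
    # failed signature check is supposed to block it.
    (status, details,
     table_data['inventory']['prop_id_assigned_by_username']['value'],
     table_data['inventory']['prop_id_assigned_by_password']['value'],
     table_data['inventory']['prop_id_assigned_by_signature']['value'],
     table_data['inventory']['prop_id_assigned_by_sig_func']['value']) = data

    dbResult = pmt_utils.saveForm(table_data, db, key_id, "inventory",
                                  " WHERE id = '%s'" % key_id, form, 0, 0)
    if dbResult['status'] != 'success':
        message = "Item could not be saved.\n" + dbResult['message']
        exit(message)

    if saveDueToCreate:
        # The notification e-mail for new items is disabled in this version;
        # only its subject line is still built.
        subject = 'New INV #%s has been generated' % key_id

    display_questionnaire(db, table_data, 'edit')
    alerts = alerts + '\nItem saved successfully'
    pmt_utils.alertsArea(form, alerts)

    listing_url = '/%s-cgi-bin/inv_admin.pyc?performDbQuery=1' % (db_name)
    help_url = '/%s/html/sprsum.html' % db_name

    # po_id is echoed into an onClick handler and a hidden field, so it is
    # URL-quoted and HTML-escaped on the way out.
    po_id = str(table_data['inventory']['po_id']['value'])

    # This will return to po_admin.py or inv_admin.py in Edit mode.
    if form.has_key("return_to_po"):
        data = '?action=edit&key_id=%s' % urllib.quote(po_id)
        java = "return goto_url('/%s-cgi-bin/po_admin.pyc%s')" % (db_name,
                                                                  data)
        html = '<INPUT NAME="edit" type="button" value=" Return to PO '
        html = html + '" onClick="%s">' % cgi.escape(java, 1)
        print '<BR><BR>'
        print html

    editFunctionButtons(key_id, listing_url, help_url)
    print '<input type=hidden name=po_id value="%s">' % cgi.escape(po_id, 1)
    val = table_data['inventory']['prop_id_assigned_by_signature']['value']
    pmt_utils.textbox(None, 'prop_id_assigned_by_signature', val, '40', '40',
                      None, None, 'hidden')
    pmt_utils.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')
    pageEnd(table_data, db)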
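def display_questionnaire(db, table_data, view):
    """Print the inventory fields as an HTML table, ordered by display_order.

    Args:
        db: open database connection passed on to pmt_utils.
        table_data: table description; table_data['inventory'] maps each
            field name to its attributes (display_order, label, required).
        view: 'read-only' renders values only; anything else renders
            editable fields.

    The total_unit_price row is computed from quantity * unit_price of the
    current item and is also written back to the inventory table.
    """
    if view == 'read-only':
        editable = 0
    else:
        editable = 1

    print '<TABLE>'
    print '<CAPTION>Field Labels in <B><FONT COLOR=RED>Red</FONT></B>'
    print ' or <B>Bold</B> on Mononchrome Displays are Required</CAPTION>'
    print '<TR><TH>Field Name</TH><TH>Value</TH><TH>Format</TH></TR>'

    fields = table_data['inventory']
    field_name_keys = fields.keys()

    # find max display order = SIZE
    SIZE = 0
    for name in field_name_keys:
        if fields[name]['display_order'] > SIZE:
            SIZE = fields[name]['display_order']

    # build display list array
    display_list = []
    for i in xrange(0, SIZE):
        display_list.append("")

    # load display_list entries with table display order field_names
    for name in field_name_keys:
        display_list[int(fields[name]['display_order']) - 1] = name

    for field_name in display_list:
        # Slots with no field assigned to that display order stay empty.
        if field_name == '':
            continue

        # Worked out before the total_unit_price branch: the original set
        # this afterwards, so that branch used the previous field's value
        # (or hit an unbound name when it came first).
        if fields[field_name].has_key('required') and \
           fields[field_name]['required'] == 1:
            required = 1
        else:
            required = 0

        if field_name == 'total_unit_price':
            # key_id arrives from the browser and is pasted into SQL text.
            # Only a plain number is allowed through; any other value (for
            # example 'create' on a new item) is treated as "no row yet".
            key_id = form['key_id'].value
            key_is_numeric = key_id.isdigit()

            total_unit_price = 0.0
            if key_is_numeric:
                sql = ("SELECT quantity, unit_price FROM inventory "
                       "WHERE id = '%s'" % key_id)
                db_result = pmt_utils.executeSQL(db, sql)
                if len(db_result['result']) != 0:
                    quantity = float(db_result['result'][0]['quantity'])
                    unit_price = float(db_result['result'][0]['unit_price'])
                    total_unit_price = quantity * unit_price

            print '<TR>'
            pmt_utils.print_label(label=fields[field_name]['label'],
                                  required=required)
            print '</TD><TD>%.2f</TD></TR>' % total_unit_price

            # Keep the stored total in step with the displayed one.
            if key_is_numeric:
                sql = "UPDATE inventory SET total_unit_price='%s'" % (
                    str(total_unit_price))
                sql = "%s WHERE id = '%s'" % (sql, key_id)
                db_result = pmt_utils.executeSQL(db, sql)
            continue

        # These fields are left out of the read-only view. The check runs
        # before the row is opened so a skipped field leaves no unclosed
        # <TR> behind, and each displayed field opens exactly one row.
        if view == 'read-only' and field_name in [
                'analyst_username', 'qa_completion_signature_function'
        ]:
            continue

        print '<TR>'
        pmt_utils.print_label(label=fields[field_name]['label'],
                              required=required)
        print '<TD>'
        pmt_utils.display_table_item_on_form(db,
                                             table_data,
                                             'inventory',
                                             field_name,
                                             editable=editable,
                                             display_item_only=1)
        print '</TD></TR>'

    print '</TABLE>'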
def add_user(self, username, password):
    """Create a PostgreSQL user and grant it the project's table privileges.

    Stores username/password on the instance (prompting when self.prompt is
    set and a value is missing), checks pg_user for an existing account,
    runs /usr/bin/createuser, sets the password with ALTER USER and then
    executes the GRANT statements built from declarations.table_privileges().

    Returns 'success', or 'error' / 'Error' after printing a message.
    """
    self.username = username
    self.password = password
    if self.prompt and username == None:
        while 1:
            # NOTE(review): the page text is damaged on the next line (a run
            # of asterisks replaces the code that reads and tests the
            # answer); it is kept as found rather than reconstructed.
            print "Enter the new username: "******"":
                break
            else:
                print "You must enter a username"
    else:
        if username != None:
            self.username = string.strip(username)
    if self.prompt and self.password == None:
        while 1:
            # NOTE(review): damaged in the same way; the remainder of the
            # password prompt and its error return are missing from the page.
            self.password = getpass.getpass(
                prompt='Enter the password for the new user: '******'error'
    dbResult = pmt_utils.connectDB(self.postgres_username,
                                   self.postgres_password, self.db_name)
    if dbResult['status'] != "success":
        print dbResult['message']
        return 'error'
    self.db = dbResult['result']
    # NOTE(review): self.username is pasted into the quoted literal as-is;
    # a quote character in the name changes the statement.
    queryResult = pmt_utils.executeSQL(
        self.db, "SELECT count(*) FROM pg_user WHERE usename = '%s'" %
        (self.username))
    # NOTE(review): the result row is read before the status check below,
    # so a failed query may fail here first.
    result = queryResult['result']
    rows_which_match = result[0]["count"]
    if rows_which_match != 0:
        print 'User already exists'
        # Capitalised differently from every other failure return here.
        return 'Error'
    if queryResult["status"] != 'success':
        print queryResult["status"]
        return 'error'
    # The next free system user id is taken as MAX(usesysid) + 1.
    queryResult = pmt_utils.executeSQL(
        self.db, "SELECT MAX(usesysid) FROM pg_user")
    if queryResult["status"] != 'success':
        print queryResult["status"]
        return 'error'
    result = queryResult['result']
    user_id = result[0]['max']
    user_id = user_id + 1
    self.db.close()
    print "Answer NO to the next prompt"
    # NOTE(review): the command line is built by string formatting and run
    # through the shell, so self.username is interpreted by the shell; the
    # return status of createuser is not checked.
    os.system("/usr/bin/createuser -i %d -D -U %s" %
              (user_id, self.username))
    dbResult = pmt_utils.connectDB(self.postgres_username,
                                   self.postgres_password, self.db_name)
    if dbResult['status'] != "success":
        print dbResult['message']
        return 'error'
    self.db = dbResult['result']
    # NOTE(review): unlike create_db, the password placeholder here has no
    # surrounding quotes, and neither value is escaped.
    queryResult = pmt_utils.executeSQL(
        self.db, "ALTER USER %s WITH PASSWORD %s" %
        (self.username, self.password))
    if queryResult["status"] != 'success':
        print queryResult['message']
        return 'error'
    grantList = []
    privileges = declarations.table_privileges()
    # NOTE(review): user_name only selects which privilege list to read; the
    # grantee is always self.username, so the new user receives every
    # privilege set listed for any user on each table - confirm intended.
    for table_name in privileges.keys():
        for user_name in privileges[table_name].keys():
            grantStatement = "GRANT "
            for privilege in privileges[table_name][user_name]:
                grantStatement = grantStatement + privilege + ", "
            # [: -2] drops the trailing ", " left by the loop above.
            grantStatement = grantStatement[: -2] + " ON " + table_name + " TO " + self.username
            grantList.append(grantStatement)
    grantList.append("GRANT ALL ON pai_id_seq TO %s" % (self.username))
    grantList.append("GRANT ALL ON project_members_id_seq TO %s" %
                     (self.username))
    queryResult = pmt_utils.executeSqlItemList(self.db, grantList, 1)
    if queryResult["status"] != 'success':
        print "Failed to execute all GRANTS"
        return 'error'
    self.db.close()
    return 'success'
def create_db(self):
    """Drop and rebuild the project database, its accounts and its grants.

    Drops an existing database named self.db_name, recreates it, recreates
    the admin and visitor accounts, sets the postgres, admin and visitor
    passwords, creates the tables from declarations.define_tables(), runs
    '<db_name>.tables' and applies the GRANTs from
    declarations.table_privileges(). Exits the process with status 1 on the
    database errors it checks for.
    """
    import declarations
    dbResult = pmt_utils.connectDB(self.postgres_username,
                                   self.postgres_password, self.db_name)
    # could not connect to db
    if dbResult['status'] != 'success':
        # database does not exist so we do not have to backup
        # table data from previous version of this database
        print 'Could not connect to %s database, no db backup to perform.' % (
            self.db_name),
    else:
        # else there is a database that exists with this name
        db = dbResult['result']
        # backup all tables to dat files
        # NOTE(review): the backup call below is commented out, so the
        # existing database is dropped without a backup being taken here.
        #pmt_utils.exec_sql_file(db, '%s_tables.backup' % (self.db_name))
        db.close()
        # destroy the previous version of this database
        # NOTE(review): here and in the other os.system calls the command is
        # a formatted string run through the shell, and the exit status is
        # ignored.
        os.system('dropdb %s' % (self.db_name))
    # connect to template database to get maximum user
    # id in use at this time
    dbResult = pmt_utils.connectDB(self.postgres_username,
                                   self.postgres_password, 'template1')
    if dbResult['status'] != "success":
        print dbResult['message']
        sys.exit(1)
    db = dbResult['result']
    queryResult = pmt_utils.executeSQL(
        db, "SELECT MAX(usesysid) FROM pg_user")
    if queryResult["status"] != 'success':
        print queryResult["status"]
        sys.exit(1)
    result = queryResult['result']
    # NOTE(review): user_id is computed and incremented below but is not
    # passed to either createuser command in this function.
    user_id = result[0]['max']
    user_id = user_id + 1
    db.close()
    # create database
    os.system("createdb %s" % (self.db_name))
    os.system("/usr/bin/destroyuser " + self.db_admin_username)
    # print "Answer NO to the next prompt"
    os.system("/usr/bin/createuser -D -A %s" % (self.db_admin_username))
    user_id = user_id + 1
    os.system("/usr/bin/destroyuser " + self.visitor_username)
    # print "Answer NO to the next prompt"
    os.system("/usr/bin/createuser -D -A %s" % (self.visitor_username))
    dbResult = pmt_utils.connectDB(self.postgres_username,
                                   self.postgres_password, self.db_name)
    if dbResult['status'] != "success":
        print dbResult['message']
        sys.exit(1)
    db = dbResult['result']
    # Disabled: seeding of the 'admins' and 'users' rows in pg_group.
    # queryResult = pmt_utils.executeSQL(db, "DELETE FROM pg_group WHERE groname = 'admins'")
    # queryResult = pmt_utils.executeSQL(db, "INSERT INTO pg_group (groname, grosysid, grolist) VALUES ('admins', '1', '{1000}')")
    #if queryResult["status"] != 'success':
    #    print queryResult["status"]
    #    sys.exit(1)
    # queryResult = pmt_utils.executeSQL(db, "DELETE FROM pg_group WHERE groname = 'users'")
    # queryResult = pmt_utils.executeSQL(db, "INSERT INTO pg_group (groname, grosysid, grolist) VALUES ('users', '2', '{2000}')")
    # if queryResult["status"] != 'success':
    #    print queryResult["status"]
    #    sys.exit(1)
    # NOTE(review): the three ALTER USER statements place the password
    # between single quotes without escaping, so a quote character in a
    # password ends the literal early. Passwords also travel in the SQL
    # text itself, where statement logging (if enabled) would record them.
    queryResult = pmt_utils.executeSQL(
        db, "ALTER USER postgres WITH PASSWORD '%s'" %
        (self.postgres_password))
    if queryResult["status"] != 'success':
        print queryResult['message']
        sys.exit(1)
    queryResult = pmt_utils.executeSQL(
        db, "ALTER USER %s WITH PASSWORD '%s'" %
        (self.db_admin_username, self.db_admin_password))
    if queryResult["status"] != 'success':
        print queryResult['message']
        sys.exit(1)
    queryResult = pmt_utils.executeSQL(
        db, "ALTER USER %s WITH PASSWORD '%s'" %
        (self.visitor_username, self.visitor_password))
    if queryResult["status"] != 'success':
        print queryResult['message']
        sys.exit(1)
    queryResult = pmt_utils.create_tables(db, declarations.define_tables(),
                                          1)
    if queryResult["status"] != 'success':
        print queryResult['message']
        sys.exit(1)
    pmt_utils.exec_sql_file(db, self.db_name + '.tables')
    grantList = []
    privileges = declarations.table_privileges()
    # One GRANT per (table, user) pair, listing that user's privileges.
    # NOTE(review): the page lost its indentation; the nesting of the
    # admin GRANT below is reconstructed as once per table - confirm
    # against the original file.
    for table_name in privileges.keys():
        for user_name in privileges[table_name].keys():
            grantStatement = "GRANT "
            for privilege in privileges[table_name][user_name]:
                grantStatement = grantStatement + privilege + ", "
            # [: -2] drops the trailing ", " left by the loop above.
            grantStatement = grantStatement[: -2] + " ON " + table_name + " TO " + user_name
            grantList.append(grantStatement)
        # grant all privileges to the db admin
        grantList.append("GRANT ALL ON " + table_name + " TO " +
                         self.db_admin_username)
    queryResult = pmt_utils.executeSqlItemList(db, grantList, 1)
    if queryResult["status"] != 'success':
        print "Failed to execute all GRANTS"
        sys.exit(1)
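def doCsv():
    """Export the inventory table as a comma-separated file.

    Prints a download link and a table naming the exported columns, then
    writes one line per inventory row to /home/<db_name>/html/inventory.csv.
    The last column is 'Closed' when the item is 'Fixed (complete)' and all
    six signatures are present, otherwise 'Open'.
    """
    status, table_data, db = pageInit("Export", formJS=0)
    if status != 'success':
        # The original built this message and then carried on with an
        # unusable connection; stop here as doSave does.
        message = "Can not connect to database.\n" + status
        exit(message)

    sql = ("SELECT id, inv_prefix, outside_id, gist, source, inv_status, "
           "problem_description, problem_duplication, system_status, "
           "priority, category, originator, origination_date, assigned_to, "
           "analysis, analyst_signature, swm_analysis_signature, "
           "corrective_action, config_items_impacted, test_plan, "
           "test_results, swm_completion_signature, "
           "test_completion_signature, cm_completion_signature, "
           "qa_completion_signature from inventory "
           "ORDER by inv_prefix, int4(id)")
    queryResult = pmt_utils.executeSQL(db, sql)
    if queryResult["status"] != 'success':
        # The original read dbResult['message'] (a name never bound in this
        # function) and did not stop after the failure.
        message = "Query failed.\n" + queryResult['message']
        exit(message)
    result = queryResult['result']

    print '<a href="/%s/html/%s">' % (db_name, 'inventory.csv')
    print 'Inventory File '
    print '(Right Click and select "Save Link As" to download)</a>'
    print '<BR><BR><B>The Comma Separated Values file contains the following'
    print 'fields for each record:</B>'
    print '<TABLE BORDER>'
    # The first two headings are listed in the order the file writes them
    # (prefix, then id); the original listed them the other way round.
    print '<TR><TD>Prefix</TD><TD>Inventory Id</TD><TD>Outside Id</TD>'
    print '<TD>Gist</TD><TD>Source</TD><TD>Status</TD>'
    print '<TD>Problem Description</TD><TD>Problem Duplication</TD>'
    print '<TD>System Status</TD><TD>Priority</TD><TD>Category</TD>'
    print '<TD>Originator</TD><TD>Origination Date</TD><TD>Assigned To</TD>'
    print '<TD>Analysis</TD><TD>Corrective Action</TD>'
    print '<TD>Configuration Items Impacted</TD><TD>Test Plan</TD>'
    print '<TD>Test Results</TD><TD>Completion Status</TD></TR></TABLE>'
    print 'NOTE: Commas in fields have been changed to whitespace'

    # Columns written to the file, in order; the completion status follows.
    columns = [
        'inv_prefix', 'id', 'outside_id', 'gist', 'source', 'inv_status',
        'problem_description', 'problem_duplication', 'system_status',
        'priority', 'category', 'originator', 'origination_date',
        'assigned_to', 'analysis', 'corrective_action',
        'config_items_impacted', 'test_plan', 'test_results'
    ]
    signatures = [
        'analyst_signature', 'swm_analysis_signature',
        'swm_completion_signature', 'test_completion_signature',
        'cm_completion_signature', 'qa_completion_signature'
    ]

    output_lines = []
    for row in result:
        # An item only counts as closed when it is marked fixed and every
        # signature field is filled in.
        inv_completed = 'Open'
        if string.strip(row['inv_status']) == 'Fixed (complete)':
            all_signed = 1
            for sig in signatures:
                if string.strip(row[sig]) == '':
                    all_signed = 0
                    break
            if all_signed:
                inv_completed = 'Closed'

        # Commas become a space, as the note printed above states; the
        # original deleted them, which ran neighbouring words together.
        # NOTE(review): values are otherwise written as stored. A field
        # that begins with '=', '+', '-' or '@' is treated as a formula by
        # spreadsheet programs when this file is opened there.
        cells = []
        for column in columns:
            cells.append(string.replace(row[column], ',', ' '))
        cells.append(inv_completed)
        txt = string.join(cells, ',')

        # Keep each record on one physical line.
        txt = string.replace(txt, '\r\n', ' ')
        txt = string.replace(txt, '\n', ' ')
        output_lines.append(txt)

    # NOTE(review): the export lands under the site's html directory.
    # Whether it can be fetched without logging in depends on the web
    # server configuration, which is not visible here - confirm that the
    # directory is access-controlled.
    filename = '/home/%s/html/inventory.csv' % db_name
    file_io.writeToFile(filename, output_lines)

    queryFunctionButtons(0, 1, '/%s/html/sprsum.html' % (db_name))
    pmt_utils.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
    pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')
    pageEnd(table_data, db)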