Beispiel #1
0
def kanban_card_comment():
    user = session['user_hash']
    user = currentUser(user)
    sql = "INSERT INTO card_comments (card_id, user, comment) VALUES (%s, %s, %s)"
    if request.method == 'POST':
        comment = request.form['comment']
        card_id = request.form['card_id']
        if comment and comment != '' and comment != ' ':
            db, cur = connect()
            cur.execute(sql, [card_id, user['user_hash'], comment])
            db.commit()
            db.close()
            return redirect('http://127.0.0.1:5000/kanban/card/' +
                            str(card_id),
                            code=302)
    return redirect('http://127.0.0.1:5000/kanban/card/' + str(card_id),
                    code=302)
Beispiel #2
0
def admin_create_user():
    user = session['user_hash']
    user = currentUser(user)
    errors = []
    success = []
    permissions = getAllPermissions()
    positions = getAllPositions()
    form_dict = {}
    if request.method == 'POST':
        form_dict = loadForm(form_dict)
        email = form_dict['email']
        permission = form_dict['permission']
        position = form_dict['position']
        user_hash = generate_password_hash(
            str(email) + str(permission) + str(position))
        sql = "INSERT INTO users (email, permission_id, position_id, user_hash, verified, organization) VALUES (%s, %s, %s, %s, %s, %s)"
        data = [
            email, permission, position, user_hash, 0, user['organization']
        ]
        db, cursor = connect()
        cursor.execute(sql, data)
        db.commit()
        db.close()
        registration = "<p>You Have been Invited to Sign up at TaskKonnect.</p><br>"
        registration += "<p><a href='" + str(
            site_url) + "complete_signup/" + str(
                user_hash) + "'>Create Your Account</a></p>"
        msg = Message(subject='TaskKonnect Invite - CSC 394',
                      html=registration,
                      sender="*****@*****.**",
                      recipients=[str(email)])
        mail.send(msg)
        success.append("A Signup Email has been sent to: " + str(email))
    if user and user['permission'] == 'administrator':
        return render_template('admin_create_user.html',
                               user=user,
                               errors=errors,
                               success=success,
                               permissions=permissions,
                               positions=positions)
    else:
        return redirect(url_for('login'))
Beispiel #3
0
def complete_signup(user_hash):
    errors = []
    success = []
    user = currentUser(user_hash)
    form_dict = {}
    if request.method == 'POST':
        form_dict = loadForm(form_dict)
        email = form_dict['email']
        first_name = form_dict['first_name']
        last_name = form_dict['last_name']
        password = generate_password_hash(form_dict['password'])
        confirm_password = form_dict['confirm_password']
        new_user_hash = generate_password_hash(
            str(email) + str(first_name) + str(last_name) + str(password))
        # Validate As Needed
        if form_dict['password'] != confirm_password:
            errors.append("Passwords do not Match.")
        if len(errors) == 0:
            db, cur = connect()
            sql = """
					UPDATE users 
					SET 
						first_name = %s, 
						last_name = %s, 
						password = %s, 
						user_hash = %s,
						verified = 1
					WHERE user_hash = %s
				  """
            data = [first_name, last_name, password, new_user_hash, user_hash]
            cur.execute(sql, data)
            db.commit()
            db.close()

            session['user_hash'] = new_user_hash
            return redirect(url_for('home'))

    return render_template('register.html',
                           current_data=user,
                           errors=errors,
                           success=success)
Beispiel #4
0
def kanban_add_card():
    user = session['user_hash']
    user = currentUser(user)
    group_id = request.args.get('group')
    category = request.args.get('category')
    members = getGroupMembers(group_id)
    form_dict = {}
    errors = []
    success = []

    if request.method == 'POST':
        form_dict = loadForm(form_dict)
        empty = checkEmptyForm(form_dict)

        if empty:
            errors.append("There are empty fields! Please Complete")
        else:
            db, cur = connect()
            sql = "INSERT INTO cards (title, description, assigned_to, kanban_category, group_id, completed, owner, due_date, archived) VALUES (%s, %s,%s, %s,%s, %s,%s,%s,%s)"
            title = form_dict['title']
            description = form_dict['description']
            assigned_to = form_dict['assigned_to']
            kanban_category = form_dict['kanban_category']
            due_date = form_dict['due_date']
            completed = form_dict['completed']
            owner = user['user_hash']
            cur.execute(sql, [
                title, description, assigned_to, kanban_category, group_id,
                completed, owner, due_date, 0
            ])
            db.commit()
            db.close()
            success.append("Successfully Added a Card")

    return render_template('kanban_add_card.html',
                           user=user,
                           members=members,
                           category=category,
                           errors=errors,
                           success=success)
Beispiel #5
0
def admin_manage_users():
    user = session['user_hash']
    user = currentUser(user)
    db, cur = connect()
    sql = """
			SELECT * FROM users
		  """
    cur.execute(sql)
    results = cur.fetchall()
    columns = getColumns(cur)
    db.close()
    users = []
    for row in results:
        d = {}
        for key, value in zip(columns, list(row)):
            d[key] = value
        users.append(d)

    return render_template('admin_manage_users.html',
                           user=user,
                           users=users,
                           columns=columns)
Beispiel #6
0
def kanban_card_edit():
    form_dict = {}
    form_dict = loadForm(form_dict)
    form_dict['completed'] = '1' if len(
        request.form.getlist('completed')) > 0 else '0'
    sql = """
			UPDATE cards
			SET
				title = %s,
				description = %s,
				completed = %s,
				due_date = %s,
				archived = %s
			WHERE id = %s
		  """
    data = [
        form_dict['title'], form_dict['description'], form_dict['completed'],
        form_dict['due_date'], form_dict['archived'], form_dict['card_id']
    ]
    db, cur = connect()
    cur.execute(sql, data)
    db.commit()
    db.close()
    return redirect('/kanban/card/' + str(form_dict['card_id']))
Beispiel #7
0
def grouplist():
    errors = []
    success = []
    print("here")

    tupes = (request.form['names'].split(","))
    print(tupes)
    print(tupes[0])
    hashs = getUserHash(tupes[2])
    print(hashs)

    sql = "DELETE FROM user_groups WHERE g_id = %s and user = %s"
    data = [tupes[0], hashs[0]['user_hash']]
    db, cursor = connect()
    try:
        cursor.execute(sql, data)
        db.commit()
        db.close()
        print("deleeted")
        success.append("Successfully Created Group")
    except Exception as e:
        errors.append("Exception found: " + str(e))
    names = getUsersByGroups(tupes[0])
    return render_template('grouplist.html', team=names)
Beispiel #8
0
def admin_edit_user(user_hash):
    errors = []
    success = []
    user = session['user_hash']
    user = currentUser(user)
    permissions = getAllPermissions()
    positions = getAllPositions()
    db, cur = connect()
    sql = """
			SELECT 
				U.email as email, 
				U.first_name as first_name, 
				U.last_name as last_name,
				P.permission_name as permission_name,
				P.id as permission_id,
				POS.id as position_id,
				POS.position_name as position_name
			FROM users U
			JOIN permissions P
				ON P.id = U.permission_id
			JOIN positions POS
				ON POS.id = U.position_id
			WHERE U.user_hash = %s
		  """
    cur.execute(sql, [user_hash])
    result = cur.fetchone()
    columns = getColumns(cur)
    user_data = {}
    for key, value in zip(columns, list(result)):
        user_data[key] = value

    form_dict = {}

    if request.method == 'POST':
        form_dict = loadForm(form_dict)
        email = form_dict['email']
        first_name = form_dict['first_name']
        last_name = form_dict['last_name']
        permission_id = int(form_dict['permission_id'])
        position_id = int(form_dict['position_id'])

        sql = """
				UPDATE users
				SET
					email = %s,
					first_name = %s,
					last_name = %s,
					permission_id = %s,
					position_id = %s
				WHERE user_hash = %s
			  """
        data = [
            email, first_name, last_name, permission_id, position_id, user_hash
        ]
        cur.execute(sql, data)
        db.commit()
        db.close()

        user_data = form_dict
        user_data['permission_id'] = int(user_data['permission_id'])
        user_data['position_id'] = int(user_data['position_id'])

        success.append("Updated User's Info")

    return render_template('admin_edit_user.html',
                           user_data=user_data,
                           user=user,
                           permissions=permissions,
                           positions=positions,
                           errors=errors,
                           success=success)
Beispiel #9
0
def groups():
    form_dict = {}
    errors = []
    success = []
    user = session['user_hash']
    user = getCurrentUser(user)
    users = getAllUsers()
    groups = getAllGroups(user['user_hash'])
    if request.method == 'POST':
        # Get data from form
        print(request.form)
        if "team" in request.form:
            sql = "INSERT INTO groups (g_name,owner) VALUES (%s, %s)"
            data = [request.form['team'], user['user_hash']]
            db, cursor = connect()
            try:
                cursor.execute(sql, data)
                db.commit()
                db.close()
                success.append("Successfully Created Group")
                groups = getAllGroups(user['user_hash'])
            except Exception as e:
                errors.append("Exception found: " + str(e))

            return render_template('groups.html',
                                   groups=groups,
                                   users=users,
                                   errors=errors,
                                   success=success)
        if "addusers" in request.form:
            gids = getUserGroups(request.form['names'])

            for i in gids:
                print(request.form['gid'])
                print(i['g_id'])
                if int(request.form['gid']) == int(i['g_id']):
                    users = getAllUsers()
                    errors.append("was already in that group")
                    return render_template('groups.html',
                                           groups=groups,
                                           users=users,
                                           errors=errors,
                                           success=success)

            print(request.form['gid'])
            deleteUser(request.form['gid'], request.form['names'])
            addUser(request.form['gid'], request.form['names'])
            users = getAllUsers()
            success.append("Successfully Added User to Group")
            return render_template('groups.html',
                                   groups=groups,
                                   users=users,
                                   errors=errors,
                                   success=success)
        else:
            form_dict = request.form['sub']
            names = getUsersByGroups(form_dict)
            return render_template('grouplist.html', team=names)

    return render_template('groups.html',
                           groups=groups,
                           users=users,
                           errors=errors,
                           success=success)
Beispiel #10
0
def register():
    form_dict = {}
    errors = []
    success = []

    try:
        user = session['user_hash']
        if user:
            return redirect(url_for('home'))
    except Exception as e:
        pass

    if request.method == 'POST':
        # Get data from form
        form_dict = loadForm(form_dict)
        # Make sure fields are not empty
        empty = checkEmptyForm(form_dict)
        if not empty:
            email = form_dict['email']
            first_name = form_dict['first_name']
            last_name = form_dict['last_name']
            password = generate_password_hash(form_dict['password'])
            confirm_password = form_dict['confirm_password']

            perm = 1
            position_id = 1

            user_hash = generate_password_hash(
                str(email) + str(first_name) + str(last_name) + str(password))
            organization = generate_password_hash(str(user_hash))

            # Validate As Needed
            if form_dict['password'] != confirm_password:
                errors.append("Passwords do not Match.")

            if alreadyAnUser(email):
                errors.append(
                    "There is already an user with that email address.")
            # If no errors, proceed with database interaction
            if len(errors) == 0:
                sql = "INSERT INTO users (email, first_name, last_name, password, permission_id, position_id, user_hash, verified, organization) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)"
                data = [
                    email, first_name, last_name, password, perm, position_id,
                    user_hash, 0, organization
                ]
                db, cursor = connect()
                try:
                    cursor.execute(sql, data)
                    db.commit()
                    db.close()
                    registration = "<p>Thank you for signing up. Please click the link to verify.</p><br>"
                    registration += "<p><a href='" + str(
                        site_url) + "confirm?user="******"'>Verify</a></p>"
                    msg = Message(subject='Verify Email - CSC 394',
                                  html=registration,
                                  sender="*****@*****.**",
                                  recipients=[
                                      str(email)
                                  ])  # ENTER YOUR EMAIL IN recipients
                    mail.send(msg)
                    success.append(
                        "You have been signed up. Please check your Email to verify your account."
                    )
                except Exception as e:
                    errors.append("Exception found: " + str(e))
            else:
                print("There Was an Error.")
        else:
            errors.append('There are empty fields in the form.')
    return render_template('register.html',
                           current_data=None,
                           errors=errors,
                           success=success)