Ejemplo n.º 1
0
def user_form(request):
    if request.method == 'POST':
        # объект SQLAlchemy для связи с существующей db
        engine = make_app().database_engine

        # получаем обрабатываем загруженый фаил
        file = request.files['file']
        filename = secure_filename(file.filename)
        file.save(os.path.join(basedir1, filename))
        replace_id_loc1(basedir1, filename, engine)

        return redirect(url_for("table"))
    return redirect(url_for("table"))
Ejemplo n.º 2
0
def staff_post():
    if not current_user.is_authenticated:
        return redirect(url_for('auth.login'))
    form = PostForm()
    if form.validate_on_submit():
        user = current_user
        is_dev = form.is_dev.data
        text = form.text.data
        project = form.project.data
        post = Post(is_dev=is_dev, text=text, project=project, user_id=user.id)
        db.session.add(post)
        db.session.commit()
        return redirect(url_for('main.index'))
    return render_template('staff/post.html', title="Staff Post", form=form)
def list_case_studies():
    page = get_valid_page_or_1()
    supplier_code = get_int_or_400(request.args, 'supplier_code')

    case_studies = CaseStudy.query
    if supplier_code is not None:
        case_studies = case_studies.filter(CaseStudy.supplier_code == supplier_code)

    if supplier_code:
        return jsonify(
            caseStudies=[case_study.serialize() for case_study in case_studies.all()],
            links={'self': url_for('.list_case_studies', supplier_code=supplier_code)}
        )

    results_per_page = get_positive_int_or_400(
        request.args,
        'per_page',
        current_app.config['DM_API_PAGE_SIZE']
    )

    case_studies = case_studies.paginate(
        page=page,
        per_page=results_per_page
    )

    return jsonify(
        caseStudies=[case_study.serialize() for case_study in case_studies.items],
        links=pagination_links(
            case_studies,
            '.list_case_studies',
            request.args
        )
    )
Ejemplo n.º 4
0
def list_case_studies():
    page = get_valid_page_or_1()
    supplier_code = get_int_or_400(request.args, 'supplier_code')

    case_studies = CaseStudy.query
    if supplier_code is not None:
        case_studies = case_studies.filter(
            CaseStudy.supplier_code == supplier_code)

    if supplier_code:
        return jsonify(caseStudies=[
            case_study.serialize() for case_study in case_studies.all()
        ],
                       links={
                           'self':
                           url_for('.list_case_studies',
                                   supplier_code=supplier_code)
                       })

    results_per_page = get_positive_int_or_400(
        request.args, 'per_page', current_app.config['DM_API_PAGE_SIZE'])

    case_studies = case_studies.paginate(page=page, per_page=results_per_page)

    return jsonify(caseStudies=[
        case_study.serialize() for case_study in case_studies.items
    ],
                   links=pagination_links(case_studies, '.list_case_studies',
                                          request.args))
Ejemplo n.º 5
0
def popdb(port):
    """Populates the database with sample data"""
    with app.app_context():
        initdb()
        raw = utils.get_init_data()
        name, data = utils.process(raw, Todo)
        url = utils.url_for(name, port=port)

        for r in utils.post(url, data=data):
            print('ok!' if r.ok else r.json())

    print('Database populated')
Ejemplo n.º 6
0
async def start_logout(
        req: Request,
        frontend_path: str = Query(..., alias="frontendPath"),
        return_path: str = Query(..., alias="returnPath"),
        id_token: str = Cookie(...),
):
    # Validate the frontend path and set the error page accordingly
    try:
        frontend_settings = get_frontend_settings_by_path(frontend_path)
    except KeyError:
        raise HTTPException(status_code=404, detail="Not found")
    error_page = f"{frontend_path}{frontend_settings.auth_error_page}"

    try:
        try:
            await validate_return_path(return_path)
        except ReturnPathValidationFailed:
            raise AuthException(400, "Invalid returnPath")

        state = generate_logout_state(return_path)

        params = {
            "post_logout_redirect_uri": url_for(req, "logout"),
            "state": state,
        }
        if conf.OPENID_CONNECT_INCLUDE_ID_TOKEN_HINT_IN_LOGOUT:
            params["id_token_hint"] = id_token
        params = urllib.parse.urlencode(params)
        uri = f"{openid_conf.end_session_endpoint}?{params}"
        return RedirectResponse(uri)

    except AuthException as ex:
        # This page is rendered in the browser, so any errors need to be handled by
        # redirecting to an actual error page rendered by the frontend
        logger.exception("Exception handled through redirect")
        message = urllib.parse.quote_plus(ex.detail)
        status_code = ex.status_code
        return RedirectResponse(
            f"{error_page}?message={message}&status_code={status_code}")
    except Exception:
        logger.exception("Unhandled exception handled through redirect")
        message = urllib.parse.quote_plus("Unknown error, please try again.")
        return RedirectResponse(
            f"{error_page}?message={message}&status_code=500")
Ejemplo n.º 7
0
async def start_login(req: Request,
                      data: StartLoginRequest,
                      id_token: str = Cookie(None)):
    """
    API endpoint for starting the login flow; will give back a redirectUri to which the
    user should be redirected to authenticate.
    """
    if is_authenticated(id_token=id_token):
        raise HTTPException(403, "Already authenticated")

    return_path = data.returnPath
    await validate_return_path(return_path)

    try:
        get_frontend_settings_by_path(data.frontendPath)
    except KeyError:
        raise HTTPException(
            status_code=422,
            detail=f"Invalid frontendPath '{data.frontendPath}'")

    nonce = generate_nonce()
    state = generate_state(return_path, nonce)

    params = urllib.parse.urlencode({
        "response_type":
        "code",
        "client_id":
        conf.OPENID_CONNECT_CLIENT_ID,
        "acr_values":
        conf.OPENID_CONNECT_ACR_VALUES,
        "scope":
        conf.OPENID_CONNECT_SCOPES,
        "redirect_uri":
        url_for(req, "code_exchange", frontend_path=data.frontendPath),
        "nonce":
        nonce,
        "state":
        state,
    })
    uri = f"{openid_conf.authorization_endpoint}?{params}"

    return StartLoginResponse(redirectUri=uri)
def list_work_orders():
    page = get_valid_page_or_1()
    brief_id = get_int_or_400(request.args, 'brief_id')
    supplier_code = get_int_or_400(request.args, 'supplier_code')

    work_orders = WorkOrder.query
    if supplier_code is not None:
        work_orders = work_orders.filter(WorkOrder.supplier_code == supplier_code)

    if brief_id is not None:
        work_orders = work_orders.filter(WorkOrder.brief_id == brief_id)

    if brief_id or supplier_code:
        return jsonify(
            workOrders=[work_order.serialize() for work_order in work_orders.all()],
            links={'self': url_for('.list_work_orders', supplier_code=supplier_code, brief_id=brief_id)}
        )

    results_per_page = get_positive_int_or_400(
        request.args,
        'per_page',
        current_app.config['DM_API_PAGE_SIZE']
    )

    work_orders = work_orders.paginate(
        page=page,
        per_page=results_per_page
    )

    return jsonify(
        workOrders=[work_order.serialize() for work_order in work_orders.items],
        links=pagination_links(
            work_orders,
            '.list_work_orders',
            request.args
        )
    )
Ejemplo n.º 9
0
def test_app(client):
    assert client.get(url_for('main.index')).status_code == 200
Ejemplo n.º 10
0
 def client_url_for(table_name=None, **kwargs):
     with app.test_request_context():
         kwargs['instid'] = kwargs.pop('id', None)
         return url_for(table_name, **kwargs)
Ejemplo n.º 11
0
def table(request):
    url = url_for("table")

    # подключаем необходимые таблицы для списков в jinja2
    regions = Region.query.all()
    queries = Users.query.all()

    # инициируем и преобразуем для чтетия выгрузку таблицы Users
    db = sqlite3.connect('data.db', uri=True)
    c = db.cursor()
    script = """
            SELECT * FROM Users
            """
    c.execute(script)
    columns = [desc[0] for desc in c.description]
    data = c.fetchall()
    df = pd.DataFrame(list(data), columns=columns)
    writer = pd.ExcelWriter(basedir2 + r'/database.xlsx')
    df.to_excel(writer, sheet_name='0', index=False)
    writer.save()
    replace_id_loc2(basedir2, r'/database.xlsx')

    # получаем данные из формы далее записывает данные в таблицу users
    if request.method == "POST":
        # запись в db полученой информации из формы
        try:
            firstName = request.form['firstName']
            middleName = request.form['middleName']
            lastName = request.form['lastName']
            phone = request.form['phone']
            email = request.form['email']
            city = request.form['city']
            rel_city = City.query.filter(City.name == city).first()
            try:
                done_db = Users(
                    firstName=firstName,
                    middleName=middleName,
                    lastName=lastName,
                    phone=phone,
                    email=email,
                    region_id=rel_city.region_id,
                    city_id=rel_city.id,
                )

                session.add(done_db)
                session.commit()
                return redirect(url_for("table"))
            except Exception as e:
                # обработаем исключение если город и регин не заполнен выведим пустую ячейку
                try:
                    error = e.args[0].split()
                    error_str = error[5].replace("'", "")
                    if error_str == 'region_id' or error_str == 'city_id':
                        done_db = Users(
                            firstName=firstName,
                            middleName=middleName,
                            lastName=lastName,
                            phone=phone,
                            email=email,
                            region_id=None,
                            city_id=None,
                        )
                        session.add(done_db)
                        session.commit()
                finally:
                    return redirect(url_for("table"))
        except Exception as e:
            try:
                return e
            finally:
                # сереализуем post запрос в json для ajax
                if request.form['region']:
                    region = request.form['region']
                    records = [
                        z.to_json()
                        for z in Region.query.filter_by(name_region=region)
                    ]
                    cont = json.dumps(records[0], sort_keys=True)
                    return Response(cont, content_type="application/json")
    return render_template("table.html",
                           url=url,
                           queries=queries,
                           regions=regions)
Ejemplo n.º 12
0
def home(request):
    url = url_for("home")
    return render_template("home.html", url=url)
Ejemplo n.º 13
0
def favicon():
    return send_from_directory(url_for('static', filename='favicon.ico'),
                               mimetype='image/vnd.microsoft.icon')
Ejemplo n.º 14
0
async def code_exchange(
        request: Request,
        frontend_path: str,
        code: str,
        state: str,
        id_token: str = Cookie(None),
):
    """
    The endpoint at which the user will land when coming back from the OpenID Connect
    provider.

    Handles the token exchange and sets the id_token and access_token cookies.

    Note that this endpoint is served in a web browser, not through an API call from the
    frontend. Hence any errors are handled by redirecting the user to a frontend side
    error page with a message and status code.
    """
    # Validate the frontend path and set the error page accordingly
    try:
        frontend_settings = get_frontend_settings_by_path(frontend_path)
    except KeyError:
        raise HTTPException(status_code=404, detail="Not found")
    error_page = f"{frontend_path}{frontend_settings.auth_error_page}"

    try:
        if is_authenticated(id_token=id_token):
            raise AuthException(403, "Already authenticated")

        login_state = get_valid_state(state)
        if not login_state:
            raise AuthException(400, "Invalid state")

        params = {
            "grant_type":
            "authorization_code",
            "redirect_uri":
            url_for(request, "code_exchange", frontend_path=frontend_path),
            "code":
            code,
        }

        res = await client.post(
            url=openid_conf.token_endpoint,
            data=params,
            auth=(
                conf.OPENID_CONNECT_CLIENT_ID,
                conf.OPENID_CONNECT_CLIENT_SECRET.get_secret_value(),
            ),
        )

        if res.is_error:
            logger.error("Code exchange failed",
                         code=res.status_code,
                         err=res.text)
            raise AuthException(502, "Code exchange failed")

        result = OAuthTokenResponse(**res.json())

        try:
            id_token = validate_token(result.id_token)
        except jwt.exceptions.InvalidTokenError:
            logger.exception("Failed to validate token")
            raise AuthException(500, "Token validation failed")
        if login_state.nonce != id_token.nonce:
            logger.error("Got invalid nonce")
            raise AuthException(500, "Token validation failed")

        response = RedirectResponse(login_state.returnPath)
        set_cookie(response, "id_token", result.id_token)
        set_cookie(response, "access_token", result.access_token)

        return response

    except AuthException as ex:
        # This page is rendered in the browser, so any errors need to be handled by
        # redirecting to an actual error page rendered by the frontend
        logger.exception("Exception handled through redirect")
        message = urllib.parse.quote_plus(ex.detail)
        status_code = ex.status_code
        return RedirectResponse(
            f"{error_page}?message={message}&status_code={status_code}")
    except Exception:
        logger.exception("Unhandled exception handled through redirect")
        message = urllib.parse.quote_plus("Unknown error, please try again.")
        return RedirectResponse(
            f"{error_page}?message={message}&status_code=500")
Ejemplo n.º 15
0
def login():
    local.response = redirect(url_for("index"))
    local.response.set_cookie("user_id", 1)
Ejemplo n.º 16
0
def logout():
    local.response = redirect(url_for("index"))
    local.response.delete_cookie("user_id")