Ejemplo n.º 1
0
def update_company_name():
    # authenticate colleague:
    if not is_auth_company(current_user):
        return unathorized(
            "You are not authorized to modify the company name.", "error")

    form = UpdateCompanyNameForm()

    company = Company.query.get(current_user.company_id)

    if form.validate_on_submit():
        colleague = Colleagues.query.get(current_user.id)
        if company.name != form.company_name.data:
            company.name = form.company_name.data
            try:
                db.session.commit()
                flash(f"Your Company Name changed successfully to", "inform")
                flash(f"{company.name}.", "inform")
            except:
                flash(f"Any error occured. Please try again.", "error")
                db.session.rollback()

        return redirect(url_for("company_profile"))

    return render_template("update_company_name.html",
                           type="Company Name",
                           value=company.name,
                           colleague=current_user,
                           form=form,
                           logo=get_logo(current_user),
                           nav=get_nav(current_user))
Ejemplo n.º 2
0
def privilegs():

    # authenticate colleague:
    if not is_auth_privilegs(current_user):
        return unathorized("You cannot to vew this page.", "error")

    company = Company.query.get(current_user.company_id)
    company_id = company.id

    # get all admins of company with any privileg:
    admins = db.session.query(Colleagues, Admins).filter(
        Colleagues.id == Admins.colleague_id,
        Colleagues.company_id == company_id).all()

    colleagues = Colleagues.query.filter(
        Colleagues.company_id == current_user.company_id).all()

    for admin in admins:
        for colleague in colleagues:
            if admin.Admins.colleague_id == colleague.id:
                colleagues.remove(colleague)

    return render_template(
        "privilegs.html",
        logo=get_logo(current_user),
        change_logo=is_auth_company(
            current_user
        ),  # to add click event to change logo for authorized admin
        admins=admins,
        colleagues=colleagues,
        nav=get_nav(current_user))
Ejemplo n.º 3
0
def delete_company():

    # authenticate colleague:

    if not is_auth_company(current_user):
        return unathorized("You are not authorized to delete company.",
                           "error")

    del_company(current_user.company_id)

    return redirect(url_for("landing_page"))
Ejemplo n.º 4
0
def colleagues():
    # authenticate colleague:
    if not is_auth_colleague(current_user):
        return unathorized("You cannot to vew this page.", "error")

    colleagues = Colleagues.query.filter(
        Colleagues.company_id == current_user.company_id).all()

    return render_template(
        "colleagues.html",
        logo=get_logo(current_user),
        change_logo=is_auth_company(
            current_user
        ),  # to add click event to change logo for authorized admin
        colleagues=colleagues,
        nav=get_nav(current_user))
Ejemplo n.º 5
0
def company_profile():
    # authenticate colleague:
    if not is_auth_company(current_user):
        return unathorized("You cannot to view this page.", "error")

    company = Company.query.get(current_user.company_id)
    company_id = company.id

    # get all admins of company with update_company privileg:
    company_admins = db.session.query(Colleagues, Admins).filter(
        Colleagues.id == Admins.colleague_id,
        Colleagues.company_id == company_id,
        Admins.update_company == True).all()
    return render_template("company_profile.html",
                           logo=get_logo(current_user),
                           company=company,
                           company_admins=company_admins,
                           nav=get_nav(current_user))
Ejemplo n.º 6
0
def main():

    company = Company.query.get(current_user.company_id)
    company_id = company.id

    # display existed Idea Boxes:
    boxes = db.session.query(Boxes, Admins, Colleagues).filter(
        Boxes.admin_id == Admins.id, Colleagues.id == Admins.colleague_id,
        Colleagues.company_id == company_id).all()

    # replace any HTML elements and entities from the name:
    for box in boxes:
        # query the last activity from the idea table corresponding to the current box
        activity = db.session.query(func.max(
            Ideas.create_at)).filter(Ideas.box_id == box.Boxes.id).first()

        # query all ideas of the current box:
        ideas = Ideas.query.filter(Ideas.box_id == box.Boxes.id).all()
        box.Boxes.counter = len(ideas)

        # query the last 5 poster's avatars:
        posters = []
        for poster in ideas[-5:]:
            data = {"name": poster.sign, "avatar": "incognito-cut.svg"}
            if poster.sign != "incognito":
                data["avatar"] = get_avatar(
                    Colleagues.query.get(poster.colleague_id))
            posters.append(data)

        box.Boxes.posters = posters
        box.Boxes.activity = activity[0]
        box.Boxes.name = remove_html(box.Boxes.name)

    return render_template(
        "main.html",
        logo=get_logo(current_user),
        change_logo=is_auth_company(
            current_user
        ),  # to add click event to change logo for authorized admin
        update_box=is_auth_box(
            current_user),  # to add edit icon to authorized admin
        boxes=boxes,
        nav=get_nav(current_user))
Ejemplo n.º 7
0
def update_joining_password():
    # authenticate colleague:
    if not is_auth_company(current_user):
        return unathorized(
            "You are not authorized to modify the joining password.", "error")

    form = UpdateJoiningPasswordForm()

    if form.validate_on_submit():
        company = Company.query.get(current_user.company_id)
        if not company.check_joining_password(form.password.data):
            flash("Invalid password. Please log in again.", "warning")
            logout_user()
            return redirect(url_for("login"))
        if form.password.data != form.new_password.data:
            if form.new_password.data == form.repeat_new_password.data:
                try:
                    company.set_joining_password(form.new_password.data)
                    db.session.commit()
                    flash(f"The Joining password changed successfully.",
                          "inform")

                except:
                    db.session.rollback()
                    flash(f"Any error occured. Please try again.", "error")
            else:
                flash(
                    f"Your repeat password does not match. Please try again.",
                    "warning")
        else:
            flash(f"The new joining password equal with the old one.",
                  "inform")
        return redirect(url_for("company_profile"))

    return render_template("update_joining_password.html",
                           type="Joining Password",
                           value="",
                           form=form,
                           logo=get_logo(current_user),
                           colleague=current_user,
                           nav=get_nav(current_user))
Ejemplo n.º 8
0
def upload_logo():
    # authenticate colleague:
    if not is_auth_company(current_user):
        return unathorized("You cannot to upload logo.", "error")

    form = UpdateLogoForm()

    if form.validate_on_submit():
        filename = form.logo.data.filename
        extension = get_extension(filename)
        # delete previous logo:
        company = Company.query.get(current_user.company_id)
        old_extension = company.logo
        if old_extension:
            old_logo = f"static/logo/{company.id}.{old_extension}"
            if os.path.exists(old_logo):
                os.remove(old_logo)

        # update company logo:
        company.logo = extension
        try:
            db.session.commit()
            # save new logo:
            form.logo.data.save(f"static/logo/{company.id}.{extension}")
            flash(f"Your company logo successfully changed.", "inform")
        except:
            db.session.rollback()
            flash(f"Any error occured. Please try again.", "error")

        return redirect(url_for("main"))

    return render_template("update_logo.html",
                           type="Company Logo",
                           value="",
                           enctype="multipart/form-data",
                           form=form,
                           colleague=current_user,
                           logo=get_logo(current_user),
                           nav=get_nav(current_user))
Ejemplo n.º 9
0
def idea_box(id):

    # have to check if the current user belong to the same company with the idea box:
    idea_box = get_idea_box(id, current_user)

    # log out unathorized user:
    if not idea_box:
        return unathorized("You cannot to view this Idea Box.", "error")

    # authorized admin with box privileg:
    if is_auth_box(current_user):
        current_user.is_admin = True

    # set is_open property to the Boxes; If the closing time already due then cannot to share new idea
    idea_box.Boxes.is_open = is_open(idea_box.Boxes.close_at)

    # query all ideas for the choosen box:
    ideas = Ideas.query.filter(Ideas.box_id == id).all()

    for idea in ideas:
        # update ideas with the poster avatar extension:
        colleague = Colleagues.query.get(idea.colleague_id)
        idea.avatar = get_avatar(colleague)
        # change sign code to the corresponded value:
        idea.position = colleague.position

    return render_template(
        "idea_box.html",
        update_box=is_auth_box(
            current_user),  # to add edit icon to authorized admin
        box=idea_box.Boxes,
        ideas=ideas,
        change_logo=is_auth_company(
            current_user
        ),  # to add click event to change logo for authorized admin
        logo=get_logo(current_user),
        nav=get_nav(current_user))
Ejemplo n.º 10
0
def create_idea(box_id, idea_id):

    # if  id == 0 create new idea, otherwise update existed idea by id
    # authenticate user:
    idea_box = get_idea_box(box_id, current_user)

    # log out unathorized user:
    # if idea_box empty then current user belong to different company
    # if  idea box already closed the user modified the url field
    if not idea_box or not is_open(idea_box.Boxes.close_at):
        return unathorized("You cannot to edit this Idea.", "error")

    current_idea = Ideas.query.get(idea_id)
    colleague = current_user
    current_user.is_admin = False

    if idea_id > 0 and current_idea.colleague_id != current_user.id:
        # this idea belong to different colleague than the current user, check updata_box privileg:
        if not is_auth_box(current_user):
            return unathorized("You don't hane privileg to edit this Idea.",
                               "error")
        else:
            # current user is an admin with privileg to edit/delete boxes and ideas:
            current_user.is_admin = True
            colleague = Colleagues.query.get(current_idea.colleague_id)

    form = CreateIdeaForm()
    # change sign-input's labels to the name of current user (name must be hidden for Admins!):
    form.sign.choices = [
        ("incognito", "incognito"),
        (current_user.user_name, current_user.user_name),
        (current_user.first_name, current_user.first_name),
        (current_user.fullname(), current_user.fullname())
    ] if not current_user.is_admin else [(current_idea.sign,
                                          current_idea.sign)]

    if form.validate_on_submit():
        print("submitted")
        success = ""
        error = ""
        if idea_id == 0:
            # instantiate new Idea:
            idea = Ideas(idea=form.idea.data,
                         sign=form.sign.data,
                         box_id=box_id,
                         colleague_id=current_user.id)

            db.session.add(idea)
            success = "Thank you for sharing your Idea."
            error = "Any error occured when post your Idea. Please try again."

        else:
            # edit existed idea:
            error = "Any error occured when edited your Idea. Please try again."
            if current_idea.idea != form.idea.data:
                current_idea.idea = form.idea.data
                success += "Your idea successfully edited.\n"
            if current_idea.sign != form.sign.data:
                current_idea.sign = form.sign.data
                success += f"Your sign changed to {current_idea.sign}.\n"

        try:
            db.session.commit()
            flash(success, "inform")
            return redirect(url_for("idea_box", id=box_id))
        except:
            db.session.rollback()
            flash(error, "error")
            return redirect(
                url_for("create_idea", box_id=box_id, idea_id=idea_id))

    if idea_id > 0:
        # edit mode:
        form.submit.label.text = "Edit my Idea" if not current_user.is_admin else f"Edit {colleague.first_name}'s Idea"
        form.idea.data = current_idea.idea
        form.sign.data = current_idea.sign
    else:
        form.sign.data = current_user.first_name  # set first name by default checked

    return render_template(
        "create_idea.html",
        update_box=is_auth_box(
            current_user),  # to add edit icon to authorized admin
        box=idea_box.Boxes,
        avatar="incognito-cut.svg"
        if form.sign.data == "incognito" else get_avatar(colleague),
        form=form,
        colleague=colleague,
        change_logo=is_auth_company(
            current_user
        ),  # to add click event to change logo for authorized admin
        logo=get_logo(current_user),
        nav=get_nav(current_user))
Ejemplo n.º 11
0
def create_box(id):
    # if  id == 0 create new box, otherwise update box by id
    # authenticate admin:
    if not is_auth_box(current_user):
        return unathorized("You are not authorized to create Idea Box.",
                           "error")

    # authenticate company
    if id > 0 and not authenticate_company(id, current_user):
        return unathorized("You are not authorized to update Idea Box.",
                           "error")

    current_box = Boxes.query.get(id)
    form = CreateBoxForm()

    if form.validate_on_submit():
        name = form.name.data
        description = form.description.data
        close_at = form.close_at.data
        if id == 0:
            # add new Idea Box to the Boxes table:
            new_box = Boxes(name=name,
                            description=description,
                            close_at=close_at,
                            admin_id=get_admin_id(current_user))

            db.session.add(new_box)
            error = "Any error occured when created new Idea Box. Please try again."
            success = "New Idea Box successfully created."
        else:
            # edit box by id:
            success = ""
            if name != current_box.name:
                current_box.name = name
                success += "Title updated.\n"
            if description != current_box.description:
                current_box.description = description
                success += "Description updated.\n"
            # close_at is a date object, have to convert to string
            str_close_at = close_at.strftime("%Y-%m-%d")
            if str_close_at != current_box.close_at:
                current_box.close_at = close_at
                success += "Closing date updated.\n"

            error = "Any error occured when updated Idea Box. Please try again."

        try:
            db.session.commit()
            flash(success, "inform")
        except:
            db.session.rollback()
            flash(error, "error")
            return redirect(url_for("create_box", id=id))

        return redirect(url_for("main"))

    if id > 0:
        # edit mode:
        form.submit.label.text = "Edit Box"
        form.name.data = current_box.name
        form.description.data = current_box.description
        form.close_at.data = str_to_date(current_box.close_at)

    return render_template(
        "create_box.html",
        form=form,
        id=id,
        logo=get_logo(current_user),
        change_logo=is_auth_company(
            current_user
        ),  # to add click event to change logo for authorized admin
        nav=get_nav(current_user))