Example #1
0
def account(user):
    if request.method == 'GET':
        udao = UserDAO()

        if not udao.check_user_exists(user):
            return render_template("errors/user_not_found.html")

        rdao = RecipeDAO()
        recipes = rdao.get_recipes_for_user(user)

        valid_session_key = udao.check_user_session_key(user, request.cookies.get("session_key"))
        allowEdit = False
        user_bgr = udao.get_user_background(user)

        sdao = SubscribeDAO()
        subscribed = sdao.is_subscribed(request.cookies.get("user"), user)

        if valid_session_key:
            allowEdit = True

        return render_template("account.html", signedIn = request.cookies.get("signedIn"),
                                               user = request.cookies.get("user"),
                                               recipes = recipes,
                                               allowEdit = allowEdit,
                                               userBackground = user_bgr,
                                               subscribed = subscribed)
Example #2
0
    def add_comment_rating(self, user, comment_id, rating):
        connection = sqlite3.connect('recipe.db')
        connection.row_factory = sqlite3.Row
        cursor = connection.cursor()

        udao = UserDAO()
        user_id = udao.get_user_id_from_name(cursor, user)

        new_rating = 1 if rating > 0 else -1

        if self.check_comment_rating_exists(cursor, comment_id, user_id):
            current_rating = int(self.get_current_comment_rating(cursor, comment_id, user_id))
            if current_rating == new_rating:
                new_rating = 0    

            cursor.execute("UPDATE tbl_comment_rating \
                            SET OPINION = ? \
                            WHERE COMMENT_ID = ? AND USER_ID = ?", (new_rating, comment_id, user_id))
        else:
            cursor.execute("INSERT INTO tbl_comment_rating (COMMENT_ID, USER_ID, OPINION) \
                            VALUES (?, ?, ?)", (comment_id, user_id, new_rating))

        connection.commit()
        connection.close()
        return new_rating
Example #3
0
def login():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        dao = UserDAO()
        user = dao.login_user(username, password)
        ldao = LogDAO()
        
        if user == None:
            ldao.add_log(request, None, ldao.REQUEST_SIGNIN, 0)
            return redirect("/login?alert=Sign In Failed!|Make sure the details you entered are correct and try again.|alert-fail")
        else:
            ldao.add_log(request, user.username, ldao.REQUEST_SIGNIN, 1)
            resp = make_response(redirect("/?alert=Sign In Success|Start creating and browsing awesome recipes.|alert-suc"))
            resp.set_cookie("signedIn", "true")
            resp.set_cookie("user", user.username)
            resp.set_cookie("session_key", user.sessionKey)
            return resp
    elif request.method == 'GET':
        alertParam = request.args.get("alert")
        alert = None

        if alertParam:
            alertData = urllib.parse.unquote(alertParam)
            alertData = alertData.split("|")
            alert = Alert(alertData[0], alertData[1], alertData[2]) 

        return render_template("login.html", signedIn = request.cookies.get("signedIn"),
                                             user = request.cookies.get("user"),
                                             alert = alert)
Example #4
0
def logFilter():
    if request.method == 'GET':
        udao = UserDAO()
        admin = udao.check_admin(request.cookies.get("user"), request.cookies.get("session_key"))

        if admin:
            ret_data = ""
            ldao = LogDAO()
            _type = request.args.get("type")
            status  = request.args.get("status")
            url = request.args.get("url")
            ip = request.args.get("ip")
            user_agent = request.args.get("user-agent")

            logs = ldao.get_logs(_type, status, url, ip, user_agent)

            for log in logs:
                ret_data += f"""
                            <tr>
                                <td>{log.id}</td>
                                <td>{log.user_id}</td>
                                <td>{log.type}</td>
                                <td>{log.ip}</td>
                                <td>{log.port}</td>
                                <td>{log.url}</td>
                                <td>{log.date}</td>
                                <td>{log.status}</td>
                                <td>{log.user_agent}</td>
                                <td>{log.host}</td>
                            </tr>
                            """
            
            return ret_data
        return "N"
Example #5
0
def signup():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        dao = UserDAO()
        user = dao.signup_user(username, password)
        ldao = LogDAO()

        if not user:
            ldao.add_log(request, None, ldao.REQUEST_SIGNUP, 0)
            resp = make_response(redirect("/signup?alert=Username is Already Taken|Try another username and sign up again.|alert-fail"))
            return resp
        else:
            ldao.add_log(request, user.username, ldao.REQUEST_SIGNUP, 1)
            resp = make_response(redirect("/?alert=Sign Up Success|Start creating and browsing awesome recipes.|alert-suc"))
            resp.set_cookie("signedIn", "true")
            resp.set_cookie("user", user.username)
            resp.set_cookie("session_key", user.sessionKey)
            return resp
    else:
        alertParam = request.args.get("alert")
        alert = None

        if alertParam:
            alertData = urllib.parse.unquote(alertParam)
            alertData = alertData.split("|")
            alert = Alert(alertData[0], alertData[1], alertData[2]) 

        resp = make_response(render_template("signup.html", signedIn = request.cookies.get("signedIn"),
                                                            user = request.cookies.get("user"),
                                                            alert = alert))
        return resp
Example #6
0
def start():
    try:
        userDAO = UserDAO()
        permission = userDAO.findPermission('zhangsan','123456')
        user = UserFactory.getUser(permission)
        user.sameOperation()
        user.diffOperation
    except:
        pass
Example #7
0
def unsubscribe(user):
    if request.method == 'GET':
        udao = UserDAO()
        valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))

        if valid_key:
            sdao = SubscribeDAO()
            sdao.unsubscribe(request.cookies.get("user"), user)
    
    return redirect(f"/account/{user}")
    def add_recipe(self, user, recipeName, recipeDesc, recipeIngr):
        connection = sqlite3.connect('recipe.db')
        cursor = connection.cursor()

        udao = UserDAO()
        id = udao.get_user_id_from_name(cursor, user)
        cursor.execute("INSERT INTO tbl_recipe (RECIPE_OWNER, RECIPE_NAME, RECIPE_DESCRIPTION, RECIPE_INGREDIENTS) \
                        VALUES (?, ?, ?, ?)", (id, recipeName, recipeDesc, recipeIngr))
        connection.commit()
        connection.close()
Example #9
0
 def get_users_favourites_recipe_ids(self, user):
     connection = sqlite3.connect('recipe.db')
     cursor = connection.cursor()
     udao = UserDAO()
     id = udao.get_user_id_from_name(cursor, user)
     cursor.execute("SELECT RECIPE_ID \
                     FROM tbl_favourite \
                     WHERE USER_ID = ?", (id,))
     rows = cursor.fetchall()
     return rows
    def is_subscribed(self, user, sub):
        connection = sqlite3.connect('recipe.db')
        cursor = connection.cursor()

        udao = UserDAO()
        user_id = udao.get_user_id_from_name(cursor, user)
        sub_id = udao.get_user_id_from_name(cursor, sub)

        subsribed = self.check_already_subscribed(cursor, user_id, sub_id)
        connection.close()
        return subsribed
Example #11
0
def favourite_delete(user, recipeName, recipeID):
    if request.method == 'DELETE':
        udao = UserDAO()
        valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))

        if valid_key:
            fdao = FavouriteDAO()
            result = "Y" if fdao.delete_favourite(request.cookies.get("user"), recipeID) else "N"
            return result

    return "N"
    def unsubscribe(self, user, sub):
        connection = sqlite3.connect('recipe.db')
        cursor = connection.cursor()

        udao = UserDAO()
        user_id = udao.get_user_id_from_name(cursor, user)
        sub_id = udao.get_user_id_from_name(cursor, sub)

        cursor.execute("DELETE FROM tbl_subscribe \
                        WHERE USER_ID = ? AND SUBBED_USER_ID = ?", (user_id, sub_id))
        connection.commit()
        connection.close()
    def get_subscribed_pages_for_user(self, user):
        connection = sqlite3.connect('recipe.db')
        cursor = connection.cursor()

        udao = UserDAO()
        user_id = udao.get_user_id_from_name(cursor, user)

        cursor.execute("SELECT SUBBED_USER_ID FROM tbl_subscribe \
                        WHERE USER_ID = ?", (user_id,))
        rows = cursor.fetchall()
        connection.close()
        return rows
Example #14
0
def addRating(user, recipeName):
    if request.method == 'GET':
        udao = UserDAO();
        valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))

        if valid_key:
            comment_id = request.args.get("cid")
            rating = request.args.get("r")
            if comment_id and rating:
                cdao = CommentDAO()
                result = cdao.add_comment_rating(request.cookies.get("user"), comment_id, int(rating))
                return str(result)
        return "N"
    def subscribe(self, user, sub):
        connection = sqlite3.connect('recipe.db')
        cursor = connection.cursor()

        udao = UserDAO()
        user_id = udao.get_user_id_from_name(cursor, user)
        sub_id = udao.get_user_id_from_name(cursor, sub)

        if user_id and sub_id and not self.check_already_subscribed(cursor, user_id, sub_id):
            cursor.execute("INSERT INTO tbl_subscribe (USER_ID, SUBBED_USER_ID, SUBSCRIBE_DATE) \
                            VALUES (?, ?, ?)", (user_id, sub_id, datetime.datetime.now()))
            connection.commit()
        connection.close()
Example #16
0
def favourite_add(user, recipeName):
    if request.method == 'PUT':
        udao = UserDAO()
        valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))

        if valid_key:
            recipe_id = request.args.get("recipe")
            print(recipe_id)
            fdao = FavouriteDAO()
            result = "Y" if fdao.add_favourite(request.cookies.get("user"), recipe_id) else "N"
            return result
        
        return "N"
Example #17
0
def recipe_delete(user, recipeName):
    if request.method == "DELETE":
        ldao = LogDAO()
        udao = UserDAO()
        valid_key = udao.check_user_session_key(user, request.cookies.get("session_key"))

        if valid_key: 
            dao = RecipeDAO()
            dao.delete_recipe(user, recipeName.replace("-", " "))
            ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_DEL_RECIPE, 1)
            return "Y"
        else: 
            ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_DEL_RECIPE, 0)
            return "N"
Example #18
0
def logs():
    if request.method == 'GET':
        udao = UserDAO()
        admin = udao.check_admin(request.cookies.get("user"), request.cookies.get("session_key"))

        if admin: 
            ldao = LogDAO()
            logs = ldao.get_logs(None, None, None, None, None)

            return render_template("logs.html",
                                    logs = logs,
                                    signedIn = request.cookies.get("signedIn"),
                                    user = request.cookies.get("user"))
        return "ACCESS DENIED"
Example #19
0
    def add_log(self, request, user, _type, status):
        connection = sqlite3.connect('recipe.db')
        cursor = connection.cursor()

        print(type(request.user_agent))

        udao = UserDAO()
        user_id = udao.get_user_id_from_name(cursor, user) if user else None

        cursor.execute("INSERT INTO tbl_log (USER_ID, REQ_TYPE, REQ_IP, REQ_PORT, REQ_URL, REQ_DATE, REQ_STATUS, USER_AGENT, HOST) \
                        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)",
                        (user_id, _type, request.remote_addr, int(request.environ['REMOTE_PORT']),
                         request.url, str(datetime.datetime.now()).split(".")[0], status, str(request.user_agent), request.host))
        connection.commit()
        connection.close()
Example #20
0
    def remove_comment(self, user, recipe_user, recipe):
        connection = sqlite3.connect('recipe.db')
        cursor = connection.cursor()

        udao = UserDAO()
        user_id = udao.get_user_id_from_name(cursor, user)

        rdao = RecipeDAO()
        recipe_id = rdao.get_recipe_id_from_user_and_name(cursor, recipe_user, recipe.replace("-", " "))

        cursor.execute("DELETE FROM tbl_comment \
                        WHERE USER_ID = ? AND RECIPE_ID = ?", (user_id, recipe_id))
        connection.commit()
        connection.close()
        return True
Example #21
0
def removeComment(user, recipeName):
    if request.method == 'GET':
        ldao = LogDAO()
        udao = UserDAO()
        valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))

        if valid_key:
            cdao = CommentDAO()
            result = cdao.remove_comment(request.cookies.get("user"), user, recipeName)

            if result:
                ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_DEL_COMMENT, 1)
                return "Y"

        ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_DEL_COMMENT, 0)
        return "N"
Example #22
0
    def add_favourite(self, user, recipe_id):
        connection = sqlite3.connect('recipe.db')
        cursor = connection.cursor()

        udao = UserDAO()
        user_id = udao.get_user_id_from_name(cursor, user)

        if user_id and recipe_id:
            cursor.execute("INSERT INTO tbl_favourite (USER_ID, RECIPE_ID) \
                            VALUES (?, ?)", (user_id, recipe_id))
            connection.commit()
            connection.close()
            return True
        
        connection.close()
        return False
Example #23
0
def delete_user(user):
    if request.method == 'GET':
        ldao = LogDAO()
        udao = UserDAO()
        valid_key = udao.check_user_session_key(user, request.cookies.get("session_key"))

        if valid_key:
            udao.delete_user(user)
            resp = make_response(redirect("/"))
            resp.delete_cookie("signedIn")
            resp.delete_cookie("user")
            resp.delete_cookie("session_key")
            return resp
    
        ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_DEL_ACCOUNT, 0)
        return redirect(f"/account/{user}/settings?alert=Account Delete Failed|Unable to delete your account.|alert-fail")
Example #24
0
def recipe_add(user, recipeName):
    if request.method == 'PUT':
        ldao = LogDAO()
        udao = UserDAO()
        valid_key = udao.check_user_session_key(user, request.cookies.get("session_key"))
        

        if valid_key:
            desc = request.args.get("desc")
            ingredients = request.args.get("ingredients")
            dao = RecipeDAO()
            dao.add_recipe(user, recipeName, desc, ingredients)
            ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_ADD_RECIPE, 1)
            return "Y"  
        else:
            ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_ADD_RECIPE, 0)
            return "N"
Example #25
0
    def add_comment(self, user, recipe_user, recipe, comment):
        connection = sqlite3.connect('recipe.db')
        cursor = connection.cursor()

        udao = UserDAO()
        user_id = udao.get_user_id_from_name(cursor, user)

        rdao = RecipeDAO()
        recipe_id = rdao.get_recipe_id_from_user_and_name(cursor, recipe_user, recipe.replace("-", " "))

        if self.user_already_left_comment(cursor, user_id, recipe_id):
            return        

        cursor.execute("INSERT INTO tbl_comment (USER_ID, RECIPE_ID, COMMENT_DETAILS, COMMENT_DATE) \
                        VALUES (?, ?, ?, ?)", (user_id, recipe_id, comment, datetime.datetime.now()))
        connection.commit()
        connection.close()
Example #26
0
def addComment(user, recipeName):
    if request.method == 'GET':
        ldao = LogDAO()
        udao = UserDAO()
        valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))

        if valid_key:
            comment = request.args.get("comment")

            if (comment):
                cdao = CommentDAO()
                cdao.add_comment(request.cookies.get("user"), user, recipeName, comment)
                ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_ADD_COMMENT, 1)
                return "Y"

        ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_ADD_COMMENT, 1)        
        return "N"
Example #27
0
def reset_password():
    if request.method == 'GET':

        email = request.args.get("email")
        code = request.args.get("code")

        if email:
            eh = EmailHandler(email)
            code = eh.send_reset_link()
            udao = UserDAO()
            udao.update_password_reset_link(email, code)
        elif code:
            return render_template("resetpassword.html",
                                    signedIn = request.cookies.get("signedIn"),
                                    code = code)

        return render_template("resetpassword.html",
                                signedIn = request.cookies.get("signedIn"),
                                code = None)
    elif request.method == 'POST':
        password = request.form['pass']
        code = request.args.get("code")
        udao = UserDAO()
        ldao = LogDAO()
        success = udao.reset_password(code, password)

        if success:
            ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_PASSWORD_RESET, 1)
            return redirect("/?alert=Successfully changed password!|Password has been changed for the specified account, sign in with your new details|alert-suc")
        
        ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_PASSWORD_RESET, 1)
        return redirect("/?alert=Password change unsuccessful!|Some of the details you input must have been inccorect.|alert-fail")
Example #28
0
    def delete_favourite(self, user, recipe):
        connection = sqlite3.connect('recipe.db')
        cursor = connection.cursor()

        udao = UserDAO()
        user_id = udao.get_user_id_from_name(cursor, user)

        print(user_id, recipe)

        if user_id and recipe:
            cursor.execute("DELETE FROM tbl_favourite \
                            WHERE USER_ID = ? AND RECIPE_ID = ?", (user_id, recipe))
            connection.commit()
            connection.close()
            return True
        
        connection.close()
        return False
Example #29
0
    def edit_comment(self, user, recipe_user, recipe, comment):
        connection = sqlite3.connect('recipe.db')
        cursor = connection.cursor()

        udao = UserDAO()
        user_id = udao.get_user_id_from_name(cursor, user)

        rdao = RecipeDAO()
        recipe_id = rdao.get_recipe_id_from_user_and_name(cursor, recipe_user, recipe.replace("-", " "))

        print(user_id, recipe_id, comment)

        cursor.execute("UPDATE tbl_comment \
                        SET COMMENT_DETAILS = ?, COMMENT_EDITED = 1 \
                        WHERE USER_ID = ? AND RECIPE_ID = ?", (comment, user_id, recipe_id))
        connection.commit()
        connection.close()
        return True
Example #30
0
def editComment(user, recipeName):
    if request.method == 'GET':
        ldao = LogDAO()
        udao = UserDAO()
        valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))

        if valid_key:
            comment = request.args.get("comment")

            if comment:
                cdao = CommentDAO()
                result = cdao.edit_comment(request.cookies.get("user"), user, recipeName, comment)
                if result:
                    ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_EDIT_COMMENT, 1)
                    return "Y"
                    
        ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_EDIT_COMMENT, 0)
        return "N"