def kanban_card_comment():
user = session['user_hash']
user = currentUser(user)
sql = "INSERT INTO card_comments (card_id, user, comment) VALUES (%s, %s, %s)"
if request.method == 'POST':
comment = request.form['comment']
card_id = request.form['card_id']
if comment and comment != '' and comment != ' ':
db, cur = connect()
cur.execute(sql, [card_id, user['user_hash'], comment])
db.commit()
db.close()
return redirect('http://127.0.0.1:5000/kanban/card/' +
str(card_id),
code=302)
return redirect('http://127.0.0.1:5000/kanban/card/' + str(card_id),
code=302)
def admin_create_user():
user = session['user_hash']
user = currentUser(user)
errors = []
success = []
permissions = getAllPermissions()
positions = getAllPositions()
form_dict = {}
if request.method == 'POST':
form_dict = loadForm(form_dict)
email = form_dict['email']
permission = form_dict['permission']
position = form_dict['position']
user_hash = generate_password_hash(
str(email) + str(permission) + str(position))
sql = "INSERT INTO users (email, permission_id, position_id, user_hash, verified, organization) VALUES (%s, %s, %s, %s, %s, %s)"
data = [
email, permission, position, user_hash, 0, user['organization']
]
db, cursor = connect()
cursor.execute(sql, data)
db.commit()
db.close()
registration = "<p>You Have been Invited to Sign up at TaskKonnect.</p><br>"
registration += "<p><a href='" + str(
site_url) + "complete_signup/" + str(
user_hash) + "'>Create Your Account</a></p>"
msg = Message(subject='TaskKonnect Invite - CSC 394',
html=registration,
sender="*****@*****.**",
recipients=[str(email)])
mail.send(msg)
success.append("A Signup Email has been sent to: " + str(email))
if user and user['permission'] == 'administrator':
return render_template('admin_create_user.html',
user=user,
errors=errors,
success=success,
permissions=permissions,
positions=positions)
else:
return redirect(url_for('login'))
def complete_signup(user_hash):
errors = []
success = []
user = currentUser(user_hash)
form_dict = {}
if request.method == 'POST':
form_dict = loadForm(form_dict)
email = form_dict['email']
first_name = form_dict['first_name']
last_name = form_dict['last_name']
password = generate_password_hash(form_dict['password'])
confirm_password = form_dict['confirm_password']
new_user_hash = generate_password_hash(
str(email) + str(first_name) + str(last_name) + str(password))
# Validate As Needed
if form_dict['password'] != confirm_password:
errors.append("Passwords do not Match.")
if len(errors) == 0:
db, cur = connect()
sql = """
UPDATE users
SET
first_name = %s,
last_name = %s,
password = %s,
user_hash = %s,
verified = 1
WHERE user_hash = %s
"""
data = [first_name, last_name, password, new_user_hash, user_hash]
cur.execute(sql, data)
db.commit()
db.close()
session['user_hash'] = new_user_hash
return redirect(url_for('home'))
return render_template('register.html',
current_data=user,
errors=errors,
success=success)
def kanban_add_card():
user = session['user_hash']
user = currentUser(user)
group_id = request.args.get('group')
category = request.args.get('category')
members = getGroupMembers(group_id)
form_dict = {}
errors = []
success = []
if request.method == 'POST':
form_dict = loadForm(form_dict)
empty = checkEmptyForm(form_dict)
if empty:
errors.append("There are empty fields! Please Complete")
else:
db, cur = connect()
sql = "INSERT INTO cards (title, description, assigned_to, kanban_category, group_id, completed, owner, due_date, archived) VALUES (%s, %s,%s, %s,%s, %s,%s,%s,%s)"
title = form_dict['title']
description = form_dict['description']
assigned_to = form_dict['assigned_to']
kanban_category = form_dict['kanban_category']
due_date = form_dict['due_date']
completed = form_dict['completed']
owner = user['user_hash']
cur.execute(sql, [
title, description, assigned_to, kanban_category, group_id,
completed, owner, due_date, 0
])
db.commit()
db.close()
success.append("Successfully Added a Card")
return render_template('kanban_add_card.html',
user=user,
members=members,
category=category,
errors=errors,
success=success)
def admin_manage_users():
user = session['user_hash']
user = currentUser(user)
db, cur = connect()
sql = """
SELECT * FROM users
"""
cur.execute(sql)
results = cur.fetchall()
columns = getColumns(cur)
db.close()
users = []
for row in results:
d = {}
for key, value in zip(columns, list(row)):
d[key] = value
users.append(d)
return render_template('admin_manage_users.html',
user=user,
users=users,
columns=columns)
def kanban_card_edit():
form_dict = {}
form_dict = loadForm(form_dict)
form_dict['completed'] = '1' if len(
request.form.getlist('completed')) > 0 else '0'
sql = """
UPDATE cards
SET
title = %s,
description = %s,
completed = %s,
due_date = %s,
archived = %s
WHERE id = %s
"""
data = [
form_dict['title'], form_dict['description'], form_dict['completed'],
form_dict['due_date'], form_dict['archived'], form_dict['card_id']
]
db, cur = connect()
cur.execute(sql, data)
db.commit()
db.close()
return redirect('/kanban/card/' + str(form_dict['card_id']))
def grouplist():
errors = []
success = []
print("here")
tupes = (request.form['names'].split(","))
print(tupes)
print(tupes[0])
hashs = getUserHash(tupes[2])
print(hashs)
sql = "DELETE FROM user_groups WHERE g_id = %s and user = %s"
data = [tupes[0], hashs[0]['user_hash']]
db, cursor = connect()
try:
cursor.execute(sql, data)
db.commit()
db.close()
print("deleeted")
success.append("Successfully Created Group")
except Exception as e:
errors.append("Exception found: " + str(e))
names = getUsersByGroups(tupes[0])
return render_template('grouplist.html', team=names)
def admin_edit_user(user_hash):
errors = []
success = []
user = session['user_hash']
user = currentUser(user)
permissions = getAllPermissions()
positions = getAllPositions()
db, cur = connect()
sql = """
SELECT
U.email as email,
U.first_name as first_name,
U.last_name as last_name,
P.permission_name as permission_name,
P.id as permission_id,
POS.id as position_id,
POS.position_name as position_name
FROM users U
JOIN permissions P
ON P.id = U.permission_id
JOIN positions POS
ON POS.id = U.position_id
WHERE U.user_hash = %s
"""
cur.execute(sql, [user_hash])
result = cur.fetchone()
columns = getColumns(cur)
user_data = {}
for key, value in zip(columns, list(result)):
user_data[key] = value
form_dict = {}
if request.method == 'POST':
form_dict = loadForm(form_dict)
email = form_dict['email']
first_name = form_dict['first_name']
last_name = form_dict['last_name']
permission_id = int(form_dict['permission_id'])
position_id = int(form_dict['position_id'])
sql = """
UPDATE users
SET
email = %s,
first_name = %s,
last_name = %s,
permission_id = %s,
position_id = %s
WHERE user_hash = %s
"""
data = [
email, first_name, last_name, permission_id, position_id, user_hash
]
cur.execute(sql, data)
db.commit()
db.close()
user_data = form_dict
user_data['permission_id'] = int(user_data['permission_id'])
user_data['position_id'] = int(user_data['position_id'])
success.append("Updated User's Info")
return render_template('admin_edit_user.html',
user_data=user_data,
user=user,
permissions=permissions,
positions=positions,
errors=errors,
success=success)
def groups():
form_dict = {}
errors = []
success = []
user = session['user_hash']
user = getCurrentUser(user)
users = getAllUsers()
groups = getAllGroups(user['user_hash'])
if request.method == 'POST':
# Get data from form
print(request.form)
if "team" in request.form:
sql = "INSERT INTO groups (g_name,owner) VALUES (%s, %s)"
data = [request.form['team'], user['user_hash']]
db, cursor = connect()
try:
cursor.execute(sql, data)
db.commit()
db.close()
success.append("Successfully Created Group")
groups = getAllGroups(user['user_hash'])
except Exception as e:
errors.append("Exception found: " + str(e))
return render_template('groups.html',
groups=groups,
users=users,
errors=errors,
success=success)
if "addusers" in request.form:
gids = getUserGroups(request.form['names'])
for i in gids:
print(request.form['gid'])
print(i['g_id'])
if int(request.form['gid']) == int(i['g_id']):
users = getAllUsers()
errors.append("was already in that group")
return render_template('groups.html',
groups=groups,
users=users,
errors=errors,
success=success)
print(request.form['gid'])
deleteUser(request.form['gid'], request.form['names'])
addUser(request.form['gid'], request.form['names'])
users = getAllUsers()
success.append("Successfully Added User to Group")
return render_template('groups.html',
groups=groups,
users=users,
errors=errors,
success=success)
else:
form_dict = request.form['sub']
names = getUsersByGroups(form_dict)
return render_template('grouplist.html', team=names)
return render_template('groups.html',
groups=groups,
users=users,
errors=errors,
success=success)
def register():
form_dict = {}
errors = []
success = []
try:
user = session['user_hash']
if user:
return redirect(url_for('home'))
except Exception as e:
pass
if request.method == 'POST':
# Get data from form
form_dict = loadForm(form_dict)
# Make sure fields are not empty
empty = checkEmptyForm(form_dict)
if not empty:
email = form_dict['email']
first_name = form_dict['first_name']
last_name = form_dict['last_name']
password = generate_password_hash(form_dict['password'])
confirm_password = form_dict['confirm_password']
perm = 1
position_id = 1
user_hash = generate_password_hash(
str(email) + str(first_name) + str(last_name) + str(password))
organization = generate_password_hash(str(user_hash))
# Validate As Needed
if form_dict['password'] != confirm_password:
errors.append("Passwords do not Match.")
if alreadyAnUser(email):
errors.append(
"There is already an user with that email address.")
# If no errors, proceed with database interaction
if len(errors) == 0:
sql = "INSERT INTO users (email, first_name, last_name, password, permission_id, position_id, user_hash, verified, organization) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)"
data = [
email, first_name, last_name, password, perm, position_id,
user_hash, 0, organization
]
db, cursor = connect()
try:
cursor.execute(sql, data)
db.commit()
db.close()
registration = "<p>Thank you for signing up. Please click the link to verify.</p><br>"
registration += "<p><a href='" + str(
site_url) + "confirm?user="******"'>Verify</a></p>"
msg = Message(subject='Verify Email - CSC 394',
html=registration,
sender="*****@*****.**",
recipients=[
str(email)
]) # ENTER YOUR EMAIL IN recipients
mail.send(msg)
success.append(
"You have been signed up. Please check your Email to verify your account."
)
except Exception as e:
errors.append("Exception found: " + str(e))
else:
print("There Was an Error.")
else:
errors.append('There are empty fields in the form.')
return render_template('register.html',
current_data=None,
errors=errors,
success=success)
