def new():
"""
Vista de creacion de un usuario, devuelve la vista en el metodo GET o
valida en el metodo POST, si la validacion es correcta guarda el usuario
en la base, si no flashea mensajes de error de las validaciones que
fallaron
"""
if (request.method == 'POST'):
if (check_token(request.form["csrf_token"])):
nuevoUsuario = User(
first_name=(sql_escape(request.form["nombre"])),
password=request.form["password"],
email=request.form["email"],
last_name=(sql_escape(request.form["apellido"])),
username=(request.form["usuario"]))
try:
nuevoUsuario.validate_and_save()
flash("Usuario creado correctamente", "success")
return redirect(url_for('users.index'))
except AssertionError as e:
flash_messages(str(e))
return render_template('user/new.html', last_form=request.form)
else:
return render_template('user/new.html')
else:
CSRF_TOKEN = generate_token()
return render_template("user/new.html", CSRF_TOKEN_STRING=CSRF_TOKEN)
def index():
"""
Vista del formulario de configuración
"""
configurations = Configuration.query.order_by(Configuration.name).all()
configs = {}
first_name = ''
for element in configurations:
name = element.name.split('.')
if first_name != name[0]:
first_name = name[0]
configs_content = []
configs[name[0]] = configs_content
content_elements = [element.name, element.value]
configs[name[0]].append(content_elements)
CSRF_TOKEN = generate_token()
return render_template(
"configuration/configuration.html",
configs=configs,
CSRF_TOKEN_STRING=CSRF_TOKEN
)
def new():
"""
Metodo para crear un nuevo turno
Se debe mandar en el get los parametros inciales.
"""
if request.method == 'POST':
try:
form = request.form
center_id = form["center-id"]
date = form["date"]
start_hour = f"{form['start-hour']}:{form['start-minute']}:00"
CSRF_TOKEN = form["csrf_token"]
center_name = Center.query.filter_by(id=center_id).first().name
start_hour = datetime.strptime(start_hour, "%H:%M:%S")
start_hour = datetime.strftime(start_hour, "%H:%M")
date_center = datetime.strptime(form["date"], "%Y-%m-%d")
if (not check_token(CSRF_TOKEN)):
error = "Cómo perdiste el token csrf?? Acá tenes otro ¬.¬"
error += " No lo pierdas..."
flash(error, "error")
return render_template('turn/new.html',
center_id=center_id,
center_name=center_name,
date=date,
start_hour=start_hour)
new_turn = Turno(
center=form["center-id"],
email=form["email"],
phone_number=form["phone"],
date=date_center,
hour_block=start_hour,
)
new_turn.validate_and_save()
date = date_center.date().strftime("%d/%m/%Y")
flash("Turno creado correctamente", "success")
return redirect(
url_for('centers.turns_index', id=center_id, fecha=date))
except ValueError:
flash("No se pudo guardar el turno. Intente nuevamente.", "error")
return redirect(url_for("centers.index"))
except AttributeError:
center_name = ""
error = ("El centro no existe, por favor vuelva a la vista de" +
" turnos de un centro para seleccionar un nuevo turno")
flash(error, "error")
return redirect(url_for('centers.index'))
except AssertionError as e:
flash_messages(str(e))
return render_template(
'turn/new.html',
center_id=center_id,
center_name=center_name,
date=date,
start_hour=start_hour,
last_form=request.form,
CSRF_TOKEN_STRING=CSRF_TOKEN,
)
elif request.method == 'GET':
try:
center_id = request.args.get("center_id")
date = request.args.get("date")
start_hour = request.args.get("start_hour")
CSRF_TOKEN = generate_token()
center_name = Center.query.filter_by(id=center_id).first().name
datetime.strptime(date, "%Y-%m-%d")
datetime.strptime(start_hour, "%H:%M:%S")
return render_template('turn/new.html',
center_id=center_id,
center_name=center_name,
date=date,
start_hour=start_hour,
CSRF_TOKEN_STRING=CSRF_TOKEN)
except (AttributeError, ValueError):
flash("Hubo un error, intente nuevamente crear un turno", "error")
return redirect(url_for('centers.index', id=center_id))
def update(id):
centers = {
center.id: center.name
for center in Center.query.filter_by(publication_state=True)
}
hours = [
"00", "01", "02", "03", "04", "05", "06", "07", "08", "09", "10", "11",
"12", "13", "14", "15", "16", "17", "18", "19", "20", "21", "22", "23"
]
if request.method == 'POST':
form = request.form
CSRF_TOKEN = form["csrf_token"]
if not (check_token(request.form["csrf_token"])):
return redirect(url_for('turns.update', id=id))
if (not form["center-id"].isnumeric()) or (int(form["center-id"])
not in centers.keys()):
flash("El centro no existe o esta deshabilitado", "error")
return redirect(url_for('turns.show', id=id))
try:
turn = Turno.query.filter_by(id=id).first()
old_turn = Turno.query.filter_by(id=id).first()
new_date = datetime.strptime(form["datepicker"], "%d/%m/%Y")
new_hour = f"{form['start-hour']}:{form['start-minute']}"
datetime.strptime(new_hour, "%H:%M")
if not turn:
abort(400)
turn.phone_number = form["phone"]
turn.email = form["email"]
turn.center = int(form["center-id"])
turn.date = new_date
turn.hour_block = new_hour
turn.validate_and_save(update=True)
flash("El turno se modificó correctamente", "success")
return redirect(url_for('turns.show', id=turn.id))
except ValueError:
flash("La hora debe tener formato de H:M:S", "error")
flash("La fecha debe tener formado de DD/MM/YYYY", "error")
send_date = old_turn.date.strftime("%d/%m/%Y")
send_hour = old_turn.hour_block
return render_template('turn/update.html',
turn=turn,
hours=hours,
date=send_date,
hour_block=send_hour,
centers=centers,
CSRF_TOKEN_STRING=CSRF_TOKEN)
except AttributeError:
error = ("El centro no existe, por favor vuelva a la vista de" +
" turnos de un centro para seleccionar un nuevo turno")
flash(error, "error")
return render_template('turn/update.html',
turn=turn,
hours=hours,
date=form["datepicker"],
hour_block=send_hour,
centers=centers,
CSRF_TOKEN_STRING=CSRF_TOKEN)
except AssertionError as e:
flash_messages(str(e))
new_hour += ":00"
send_hour = datetime.strptime(new_hour, "%H:%M:%S")
return render_template('turn/update.html',
turn=turn,
hours=hours,
date=form["datepicker"],
hour_block=send_hour,
centers=centers,
CSRF_TOKEN_STRING=CSRF_TOKEN)
elif request.method == 'GET':
turn = Turno.query.filter_by(id=id).first()
if not turn:
abort(400)
CSRF_TOKEN = generate_token()
date = turn.date.strftime("%d/%m/%Y")
hour_block = turn.hour_block
return render_template('turn/update.html',
turn=turn,
hours=hours,
date=date,
hour_block=hour_block,
centers=centers,
CSRF_TOKEN_STRING=CSRF_TOKEN)
def update(username):
"""
Vista de actualizacion de un usuario, devuelve la vista en el metodo GET o
valida en el metodo POST, si la validacion es correcta actualiza el usuario
en la base, si no flashea mensajes de error de las validaciones que
fallaron
"""
if (request.method == 'POST'):
roles_query = Role.query.all()
if (check_token(request.form["csrf_token"])):
CSRF_TOKEN = request.form["csrf_token"]
user = User.query.filter_by(
username=request.form["usuario"]).first()
if (not user) or (user.username != username):
flash("Hubo un error, por favor intente nuevamente", "error")
return redirect(url_for("users.index"))
user.first_name = (sql_escape(request.form["nombre"]))
user.last_name = (sql_escape(request.form["apellido"]))
if request.form["email"] != user.email:
user.email = request.form["email"]
if validate_email(user):
flash(validate_email(user)[:-1], "error")
return render_template('user/update.html',
user=user,
CSRF_TOKEN_STRING=CSRF_TOKEN,
roles=roles_query,
new_form=False)
if (not user.es_admin()
or (user.es_admin() and not user.es_activo())):
if ("activo" in request.form.keys()
and request.form["activo"] == "on"):
user.activo = True
else:
user.activo = False
for role in roles_query:
if (role.name == 'administrador_del_sistema'):
if not (session.get('username') == user.username):
update_role(request.form, role, user)
else:
update_role(request.form, role, user)
new_password = False
if request.form["password"]:
if user.check_password(request.form["password"]):
if request.form["newPassword"]:
new_password = True
user.password = request.form["newPassword"]
else:
flash("Debe ingresar un nuevo password", "error")
return render_template('user/update.html',
user=user,
CSRF_TOKEN_STRING=CSRF_TOKEN,
roles=roles_query,
new_form=False)
else:
flash("El password ingresado no es correcto", "error")
return render_template('user/update.html',
user=user,
CSRF_TOKEN_STRING=CSRF_TOKEN,
roles=roles_query,
new_form=False)
try:
user.validate_and_save(update=True,
password_change=new_password)
flash("Usuario modificado correctamente", "success")
return redirect(url_for('users.index'))
except AssertionError as e:
flash_messages(str(e))
return render_template('user/update.html',
user=user,
CSRF_TOKEN_STRING=CSRF_TOKEN,
roles=roles_query,
new_form=False)
else:
return render_template("user/update.html", user=user)
else:
CSRF_TOKEN = generate_token()
user = User.query.filter_by(username=username).first()
if not user:
abort(404)
roles_query = Role.query.all()
return render_template("user/update.html",
user=user,
CSRF_TOKEN_STRING=CSRF_TOKEN,
roles=roles_query,
new_form=True)
def new():
"""
Vista de creacion de un centro de ayuda, devuelve la vista en el metodo
GET o valida en el metodo POST, si la validacion es correcta guarda
el centro en la base, si no flashea mensajes de error de las
validaciones que fallaron
"""
if (request.method == 'POST'):
if not (check_token(request.form["csrf_token"])):
return render_template(
'centers/new.html',
center_types=Type.query.order_by(Type.name).all(),
)
form = request.form
nuevo_centro = Center(
name=form['nombre-centro'],
address=form['direccion'],
phone_number=form['phone'],
opens_at=f"{form['opens_at_hour']}:{form['opens_at_min']}",
close_at=f"{form['close_at_hour']}:{form['close_at_min']}",
municipio=form["muni"],
coordinates=f"{form['lat']},{form['lng']}")
nuevo_centro.types.append(
Type.query.filter_by(name=form["tipo"]).first())
if "email" in form:
nuevo_centro.email = form["email"]
if "web" in form:
nuevo_centro.web = form["web"]
if "publication_state" in form:
nuevo_centro.publication_state = True
# Solo pueden acceder usuarios con permisos
estado = State.query.filter_by(name="Aprobado").first()
estado.centers.append(nuevo_centro)
msj = "Centro cargado correctamente."
try:
if request.files["protocolo"]:
# Validate and save si tiene pdf
nuevo_centro.validate_and_save(pdf=request.files["protocolo"])
save_pdf_file(request.files["protocolo"],
nuevo_centro.protocolo)
else:
# Validate and save si no tiene pdf
nuevo_centro.validate_and_save()
flash(msj, "success")
return redirect(url_for('centers.index'))
except AssertionError as e:
flash_messages(str(e))
return render_template(
'center/new.html',
last_form=request.form,
center_types=Type.query.order_by(Type.name).all(),
)
return redirect('/center')
else: # method=GET
CSRF_TOKEN = generate_token()
return render_template(
'/center/new.html',
center_types=Type.query.order_by(Type.name).all(),
CSRF_TOKEN_STRING=CSRF_TOKEN,
)
def update(center_id):
"""
Actualiza el Centro pasado por la url
"""
center = Center.query.filter_by(id=center_id).first()
if not center:
abort(404)
if (request.method == 'POST'):
if not (check_token(request.form["csrf_token"])):
CSRF_TOKEN = generate_token()
return render_template("center/update.html",
center=center,
center_types=Type.query.order_by(
Type.name).all(),
CSRF_TOKEN_STRING=CSRF_TOKEN)
else:
CSRF_TOKEN = request.form["csrf_token"]
form = request.form
center.name = form['nombre-centro']
center.address = form['direccion']
center.phone_number = form['phone']
center.municipio = form["muni"]
center.coordinates = f"{form['lat']},{form['lng']}"
if center.types[0].name != form['tipo']:
center.types.remove(center.types[0])
center.types.append(
Type.query.filter_by(name=form["tipo"]).first())
if "email" in form:
center.email = form["email"]
if "web" in form:
center.web = form["web"]
if "publication_state" in form:
if center.state == 1:
center.publication_state = True
else:
center.publication_state = False
if center.state == 3:
estado = State.query.filter_by(name="Rechazado").first()
estado.centers.remove(center)
estado = State.query.filter_by(name="Pendiente").first()
estado.centers.append(center)
if ((center.opens_at != (datetime.strptime(
f"{form['opens_at_hour']}"
f":{form['opens_at_min']}", '%H:%M').time())
or (center.close_at != (datetime.strptime(
f"{form['close_at_hour']}"
f":{form['close_at_min']}", '%H:%M').time()))
)): # Si se intenta modificar algun horario:
if center.tiene_turnos_futuros():
flash(
"No se puede actualizar el horario del centro si le"
" quedan turnos futuros", "error")
return render_template('center/update.html',
center=center,
center_types=Type.query.order_by(
Type.name).all(),
CSRF_TOKEN_STRING=CSRF_TOKEN)
center.opens_at = (f"{form['opens_at_hour']}:"
f"{form['opens_at_min']}")
center.close_at = (f"{form['close_at_hour']}:"
f"{form['close_at_min']}")
try:
if request.files["protocolo"]:
# Validate and save si tiene pdf
if center.protocolo:
delete_pdf_file(center.protocolo)
center.validate_and_save(update=True,
pdf=request.files["protocolo"])
save_pdf_file(request.files["protocolo"], center.protocolo)
else:
# Validate and save si no tiene pdf
center.validate_and_save(update=True)
flash("Centro actualizado correctamente.", "success")
return redirect(url_for('centers.index'))
except AssertionError as e:
flash_messages(str(e))
return render_template('center/update.html',
center=center,
center_types=Type.query.order_by(
Type.name).all(),
CSRF_TOKEN_STRING=CSRF_TOKEN)
else: # Method: GET
CSRF_TOKEN = generate_token()
return render_template("center/update.html",
center_types=Type.query.order_by(
Type.name).all(),
CSRF_TOKEN_STRING=CSRF_TOKEN,
center=center)