Exemple #1
0
def create_test():
    if session['logged_in'] and ('Read tests' in session or 'Edit tests' in session):
        name = request.form['testname']
        if len(request.form.getlist('testavail')) > 0:
            avail = True
        else:
            avail = False
        price = request.form['testprice']
        category = request.form['testcategory']
        testtype = request.form['testtype']
        code = request.form['testcode']
        desc = request.form['testdesc']
        q_session = Session()
        record = Tests(
            name=name,
            available=avail,
            price=price,
            category=category,
            type=testtype,
            code=code,
            description=desc
        )
        q_session.add(record)
        q_session.commit()
        msg = str(datetime.datetime.now()) + ': Created test with code = ' + code + ' by ' + current_user.email
        app.logger.info(msg)
        return redirect(url_for('.list_tests'))
    else:
        session['no-access'] = True
        session['tried'] = 'Tests'
        return redirect(url_for('login'))
Exemple #2
0
def modify_users():
    if session["logged_in"] and ("Read users" in session or "Edit users" in session):
        if request.form["submit"] == "save":
            roleslist = request.form.getlist("roleslist")
            username = request.form["usernameholder"]
            q_session = Session()
            roles = q_session.query(UserRoles).filter_by(email=username).delete()
            q_session.commit()
            for role in roleslist:
                record = UserRoles(email=username, user_role_id=role)
                q_session.add(record)
                q_session.commit()
            msg = str(datetime.datetime.now()) + ": Made changes to roles of " + username + " by " + current_user.email
            app.logger.info(msg)

        if request.form["submit"] == "delete":
            user = request.form["usernameholder"]
            q_session = Session()
            roles = q_session.query(UserRoles).filter_by(email=user).delete()
            q_session.commit()
            users = q_session.query(Login).filter_by(email=user).delete()
            q_session.commit()
            msg = str(datetime.datetime.now()) + ": Removed user " + user + " by " + current_user.email
            app.logger.info(msg)

        return redirect(url_for(".user_roles"))
    else:
        session["no-access"] = True
        session["tried"] = "Users"
        return redirect(url_for("login"))
Exemple #3
0
def create_user():
    if session["logged_in"] and ("Read users" in session or "Edit users" in session):
        roleslist = request.form.getlist("newuserroles")
        user = request.form["username"]
        passwd = request.form["passwd"]
        inppasswd = bcrypt.generate_password_hash(passwd)
        q_session = Session()
        userrecord = Login(email=user, passwd=inppasswd, authenticated=True)
        q_session.add(userrecord)
        q_session.commit()
        for role in roleslist:
            record = UserRoles(email=user, user_role_id=role)
            q_session.add(record)
            q_session.commit()
        msg = str(datetime.datetime.now()) + ": Created user with id = " + user + " by " + current_user.email
        app.logger.info(msg)
        return redirect(url_for(".user_roles"))
    else:
        session["no-access"] = True
        session["tried"] = "Users"
        return redirect(url_for("login"))
Exemple #4
0
def create_patient():
    if session['logged_in'] and ('Read patients' in session or 'Edit patients' in session):
        name = request.form['patientname']
        category = request.form['patientcategory']
        ptype = request.form['patienttype']
        age = request.form['patientage']
        sex = request.form['patientsex']
        contact = request.form['patientcontact']
        email = request.form['patientemail']
        address = request.form['patientaddress']
        reg_no = request.form['patientreg']
        ref_no = request.form['patientref']
        mlc_no = request.form['patientmlc']
        q_session = Session()
        record = Patients(
            name=name,
            category=category,
            type=ptype,
            age=age,
            sex=sex,
            contact=contact,
            email=email,
            address=address,
            reg_no=reg_no,
            ref_no=ref_no,
            mlc_no=mlc_no
        )
        q_session.add(record)
        q_session.commit()
        msg = str(datetime.datetime.now()) + ': Created patient with name = ' + name + ' and ref_no = ' + ref_no + \
            ' by ' + current_user.email
        app.logger.info(msg)
        return redirect(url_for('.list_patients'))
    else:
        session['no-access'] = True
        session['tried'] = 'Patients'
        return redirect(url_for('login'))
Exemple #5
0
def create_role():
    if session['logged_in'] and ('Read roles' in session or 'Edit roles' in session):
        role = request.form['rolename']
        permissionslist = request.form.getlist('rolepermissions')
        q_session = Session()
        record = Roles(name=role)
        q_session.add(record)
        q_session.commit()
        query = q_session.query(
            Roles
        ).filter(
            Roles.name == role
        ).first()
        for permission in permissionslist:
            record = RolesPermissions(role_id=query.id, permissions_id=permission)
            q_session.add(record)
            q_session.commit()
        msg = str(datetime.datetime.now()) + ': Created role ' + role + ' by ' + current_user.email
        app.logger.info(msg)
        return redirect(url_for('.list_roles'))
    else:
        session['no-access'] = True
        session['tried'] = 'Roles'
        return redirect(url_for('login'))
Exemple #6
0
def modify_role():
    if session['logged_in'] and ('Read roles' in session or 'Edit roles' in session):
        if request.form['submit'] == 'delete':
            role_id = request.form['roleid']
            q_session = Session()
            # Retrieve the role name for logging
            role = q_session.query(
                Roles
            ).filter_by(
                id=role_id
            ).first()
            rolename = role.name
            # Delete the role
            roles = q_session.query(
                Roles
            ).filter_by(
                id=role_id
            ).delete()
            # delete permissions associated with the role
            permissions = q_session.query(
                RolesPermissions
            ).filter(
                RolesPermissions.role_id == role_id
            ).delete()
            # delete user role map for the said role
            user_roles = q_session.query(
                UserRoles
            ).filter(
                UserRoles.user_role_id == role_id
            ).delete()
            q_session.commit()
            msg = str(datetime.datetime.now()) + ': Deleted role ' + rolename + ' by ' + current_user.email
            app.logger.info(msg)
        if request.form['submit'] == 'save':
            role_id = request.form['roleid']
            rolename = request.form['rolename']
            q_session = Session()

            # delete all existing permissions for this role
            permissions = q_session.query(
                RolesPermissions
            ).filter(
                RolesPermissions.role_id == role_id
            ).delete()
            q_session.commit()
            permissionslist = request.form.getlist('rolepermissions')

            # get system wide permissions
            all_permissions = all_permission_names()

            # find permissions to remove from session
            permissions_to_remove_from_session = list(set(all_permissions).difference(set(read_user_permissions())))

            # remove the permissions from session
            for permission_to_remove in permissions_to_remove_from_session:
                session.pop(permission_to_remove, None)

            # set all new permissions in session
            permission_names = q_session.query(
                Permissions.name
            ).filter(
                Permissions.id.in_(permissionslist)
            ).all()

            for each_permission in permission_names:
                session[each_permission[0]] = True

            # add new role permissions
            for permission in permissionslist:
                record = RolesPermissions(role_id=role_id, permissions_id=permission)
                q_session.add(record)
                q_session.commit()
            msg = str(datetime.datetime.now()) + ': Modified role ' + rolename + ' by ' + current_user.email
            app.logger.info(msg)
        return redirect(url_for('.list_roles'))
    else:
        session['no-access'] = True
        session['tried'] = 'Roles'
        return redirect(url_for('login'))