def update_user(id):
    """Change a user's password and, for admin accounts, the enterprise record.

    Reads ``password`` and ``confirm`` from the submitted form. A non-empty
    password is applied only when it equals the confirmation value. The user
    is then reloaded; if its ``auth`` is ``'admin'`` the enterprise fields
    from the form are written as well.

    Returns a JSON response of the form ``{"err": 0 | 1, "msg": ...}``.
    """
    # NOTE(review): no session, role or ownership check is visible in this
    # function. Unless the route is wrapped by an auth decorator outside this
    # view, the password of an arbitrary ``id`` can be reset by any caller.
    # The current password is not verified either -- confirm both with the
    # route definition.
    user_helper = user.User()
    new_password = request.form['password']
    confirmation = request.form['confirm']

    if new_password != '':
        if new_password != confirmation:
            return jsonify({
                "err": 1,
                "msg": "Detected Password Change but Wrong Confirmation Password"
            })
        if not user_helper.change_password(id, new_password):
            return jsonify({"err": 1, "msg": user_helper.err_msg()})

    user_helper.load_user(id)
    account = user_helper.get_data()
    if account['auth'] != 'admin':
        return jsonify({"err": 0, "msg": "Success"})

    # Form keys are read in the same order as before so that a missing key
    # is reported for the same field.
    fields = {
        key: request.form[key]
        for key in ('name', 'email', 'phone', 'address', 'filesize',
                    'user_limit')
    }
    enterprise_helper = enterprise.Enterprise()
    updated = enterprise_helper.update_enterprise(
        account['id'], fields['name'], fields['address'], fields['email'],
        fields['phone'], fields['filesize'], fields['user_limit'])
    if not updated:
        return jsonify({"err": 1, "msg": enterprise_helper.error_msg()})
    return jsonify({"err": 0, "msg": "Success"})
def get_user(id):
    """Return one user record as JSON for a logged-in root or admin session.

    Aborts with 403 when there is no login or the session user has ``auth``
    ``'user'``, with 404 when the requested id cannot be loaded, and with 403
    when the requested account is ``'root'``. Admin records get an extra
    ``enterprise`` key.
    """
    user_helper = user.User()
    if session.get("login") is None:
        abort(403)

    user_helper.load_user(session['id'])
    if user_helper.get_data()['auth'] == 'user':
        abort(403)

    if id is None:
        return jsonify({"err": 1, "msg": "Must Have ID"})

    # NOTE(review): nothing here ties the requested id to the caller's own
    # enterprise, so an admin session appears able to read any non-root
    # account. Also confirm the loaded record carries no password hash before
    # it is serialised -- the helper is not visible from this function.
    record = user_helper.load_user(id)
    if record is False:
        abort(404)

    role = record['auth']
    if role == 'root':
        abort(403)
    if role == 'admin':
        record['enterprise'] = enterprise.Enterprise().get_enterprise_by_user(
            record['id'])
    return jsonify(record)
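def users():
    """Render the user-management page and handle the create-user form.

    GET renders ``user.html`` with the accounts visible to the session role
    (all admins for ``root``, the enterprise's users for ``admin``).
    POST creates an account one level below the session role: ``root``
    creates an ``admin`` (plus its enterprise record), ``admin`` creates a
    ``user`` owned by that admin.

    Redirects to ``/login`` or ``/lock`` when the session is not logged in or
    is locked, and to ``/users`` after a successful creation.
    """
    user_helper = user.User()
    if session.get("login") is None:
        return redirect("/login")
    if session.get("lock") is True:
        return redirect("/lock")

    err = 0
    msg = ''
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        confirm = request.form['confirm']

        auth = ''
        admin = 0
        if session['auth'] == 'root':
            auth = 'admin'
        elif session['auth'] == 'admin':
            auth = 'user'
            admin = session['id']

        if auth == '':
            # Only root and admin sessions map to a role they may create;
            # previously any other role fell through and created an account
            # with an empty ``auth`` value.
            err = 1
            msg = "Not Allowed"
        elif confirm != password:
            # Compare by value. The old ``is not`` test compared object
            # identity, and the account was created even when the mismatch
            # was detected.
            err = 1
            msg = "Confirm Password Incorrect"
        elif user_helper.add_user(username, password, auth, admin):
            if auth == "admin":
                # Add Enterprise Data
                name = request.form['enterprise-name']
                address = request.form['enterprise-address']
                email = request.form['enterprise-email']
                phone = request.form['enterprise-phone']
                filesize = request.form['enterprise-filesize']
                user_limit = request.form['enterprise-user']
                enterprise_helper = enterprise.Enterprise()
                u = user_helper.get_by_username(username)
                # NOTE(review): the result is not surfaced, as before; a
                # failure leaves an admin account without an enterprise row.
                enterprise_helper.add_enterprise(name, address, email, phone,
                                                 filesize, user_limit, u['id'])
            return redirect("/users")
        else:
            err = 1
            msg = user_helper.err_msg()

    all_user = None
    if session['auth'] == 'root':
        all_user = user_helper.get_all_admin()
    elif session['auth'] == 'admin':
        all_user = user_helper.get_enterprise_user(session['id'])
    session['page'] = 'users'
    return render_template("user.html", users=all_user, err=err, msg=msg)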
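def add_user():
    """Create an account from the submitted form and report the result as JSON.

    A ``root`` session creates an ``admin`` account together with its
    enterprise record; an ``admin`` session creates a ``user`` owned by that
    admin. Any other session is refused.

    Returns ``{"err": 0 | 1, "msg": ...}``. Non-POST requests return the
    initial ``err`` 0 with an empty message.
    """
    user_helper = user.User()
    err = 0
    msg = ''
    if request.method != 'POST':
        return jsonify({'err': err, 'msg': msg})

    username = request.form['username']
    email = request.form['email']
    password = request.form['password']
    confirm = request.form['confirm']

    # ``session.get`` keeps a request without a logged-in session on the
    # refusal path below instead of failing on a missing key.
    role = session.get('auth')
    auth = ''
    admin = 0
    if role == 'root':
        auth = 'admin'
    elif role == 'admin':
        auth = 'user'
        admin = session['id']

    if auth == '':
        # Previously an account with an empty ``auth`` value was created for
        # sessions that are neither root nor admin.
        return jsonify({'err': 1, 'msg': "Not Allowed"})
    if confirm != password:
        # Compare by value and stop here. The old ``is not`` test compared
        # object identity, and the account was created regardless.
        return jsonify({'err': 1, 'msg': "Confirm Password Incorrect"})

    if not user_helper.add_user(username, password, email, auth, admin):
        return jsonify({'err': 1, 'msg': user_helper.err_msg()})

    if auth == "admin":
        # Add Enterprise Data
        name = request.form['enterprise_name']
        address = request.form['enterprise_address']
        enterprise_email = request.form['enterprise_email']
        phone = request.form['enterprise_phone']
        filesize = request.form['enterprise_filesize']
        user_limit = request.form['enterprise_user']
        enterprise_helper = enterprise.Enterprise()
        u = user_helper.get_by_username(username)
        if enterprise_helper.add_enterprise(name, address, enterprise_email,
                                            phone, filesize, user_limit,
                                            u['id']):
            err = 0
            msg = "Success"
        else:
            err = 1
            msg = "Failed"
    return jsonify({'err': err, 'msg': msg})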
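def add_files():
    """Store an uploaded file in the session user's ``files`` folder.

    Expects a multipart part named ``file``. The file name must pass
    ``allowed_file`` and is sanitised with ``secure_filename`` before it is
    used as a path component. The user's ``files`` and ``project`` folders
    are created on demand and the upload is registered through the files
    helper.

    Returns ``{"err": 0 | 1, "msg": ...}``, plus the submitted file name on
    success.
    """
    # check if the post request has the file part
    if 'file' not in request.files:
        return jsonify({"err": 1, "msg": "No File Part " + str(request.files)})
    file = request.files['file']
    # if user does not select file, browser also
    # submit a empty part without filename
    if file.filename == '':
        return jsonify({"err": 1, "msg": "No Selected File"})
    if not (file and allowed_file(file.filename)):
        return jsonify({"err": 1, "msg": "Extension not Allowed"})

    filename = secure_filename(file.filename)
    if filename == '':
        # secure_filename() can reduce a name to nothing (for example one
        # made only of separators and dots); saving would then target the
        # directory itself.
        return jsonify({"err": 1, "msg": "No Selected File"})

    # NOTE(review): ``session['id']`` is read without a visible login check;
    # confirm the route is protected elsewhere.
    file_helper = fl.Files()
    user_helper = user.User()
    user_helper.load_user(session['id'])
    user_data = user_helper.get_data()

    # Plain concatenation is kept on purpose: UPLOAD_FOLDER presumably starts
    # with a slash, and os.path.join() would then discard ``basedir``.
    home = (os.getcwd() + app.config['UPLOAD_FOLDER'] + "/" +
            user_data['home_folder'])
    target = home + "/files"
    # exist_ok avoids the check-then-create race between concurrent uploads;
    # creating the sub-folders also creates ``home``.
    os.makedirs(target, exist_ok=True)
    os.makedirs(home + "/project", exist_ok=True)

    # NOTE(review): an existing file with the same sanitised name is
    # overwritten without notice.
    file.save(os.path.join(target, filename))
    file_helper.add_file(filename, session['id'],
                         user_data['home_folder'] + "/files/" + filename)
    return jsonify({
        "err": 0,
        "msg": "Upload File Success",
        "filename": file.filename
    })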
def api_user(id=None):
    """Read, delete or update a user account, depending on the HTTP method.

    Redirects to ``/login`` or ``/lock`` when the session is not logged in or
    is locked.

    GET returns the requested record as JSON. It answers 404 for a session
    with ``auth`` ``'user'`` or an id that cannot be loaded, and 403 for a
    ``'root'`` target. DELETE removes the account. PUT changes the username,
    optionally the password and, for admin accounts, the enterprise record.
    """
    user_helper = user.User()
    if session.get("login") is None:
        return redirect("/login")
    if session.get("lock") is True:
        return redirect("/lock")

    user_helper.load_user(session['id'])
    data = user_helper.get_data()
    method = request.method

    if method == 'GET':
        if data['auth'] == 'user':
            abort(404)
        if id is None:
            return jsonify({"err": "Must Have ID"})
        record = user_helper.load_user(id)
        if record is False:
            abort(404)
        if record['auth'] == 'root':
            abort(403)
        if record['auth'] == 'admin':
            record['enterprise'] = (
                enterprise.Enterprise().get_enterprise_by_user(record['id']))
        return jsonify(record)

    # NOTE(review): the role check above applies to GET only. As written, any
    # logged-in, unlocked session reaches the DELETE and PUT branches for an
    # arbitrary ``id``. Unless the helper enforces role or ownership itself,
    # that covers accounts the caller does not own, including privileged
    # ones -- confirm and add an explicit authorisation check.
    if method == 'DELETE':
        if not user_helper.delete_user(id):
            return jsonify({"err": 1, "msg": user_helper.err_msg()})
        return jsonify({"err": 0, "msg": "Success"})

    if method == 'PUT':
        username = request.form['username']
        new_password = request.form['password']
        confirmation = request.form['confirm']
        # The result of the rename is not checked.
        user_helper.change_username(id, username)

        if new_password != '':
            if new_password != confirmation:
                return jsonify({
                    "err": 1,
                    "msg": "Detected Password Change but Wrong Confirmation Password"
                })
            if not user_helper.change_password(id, new_password):
                return jsonify({"err": 1, "msg": user_helper.err_msg()})

        user_helper.load_user(id)
        data = user_helper.get_data()
        if data['auth'] == 'admin':
            # Form keys are read in the same order as before so that a
            # missing key is reported for the same field.
            fields = {
                key: request.form[key]
                for key in ('name', 'email', 'phone', 'address', 'filesize',
                            'user_limit')
            }
            enterprise_helper = enterprise.Enterprise()
            updated = enterprise_helper.update_enterprise(
                data['id'], fields['name'], fields['address'],
                fields['email'], fields['phone'], fields['filesize'],
                fields['user_limit'])
            if not updated:
                return jsonify({
                    "err": 1,
                    "msg": enterprise_helper.error_msg()
                })
    return jsonify({"err": 0, "msg": "Success"})