Exemple #1
def update_user(id):
    """Apply an optional password change, then update enterprise data for admins.

    Reads ``password`` and ``confirm`` from the submitted form. A non-empty
    password is applied only when it equals ``confirm``. The account named by
    ``id`` is then loaded and, when its ``auth`` value is ``'admin'``, the
    enterprise fields from the form are passed to ``update_enterprise``.

    Returns a JSON response carrying ``err`` (0 or 1) and ``msg``.
    """
    # NOTE(review): this function neither reads the session nor compares
    # ``id`` with the caller's own account before changing the password.
    # Confirm that authentication and ownership/role checks are enforced by
    # the route (decorator, before_request hook) that dispatches here.
    account = user.User()

    new_password = request.form['password']
    confirmation = request.form['confirm']

    # An empty password field means "leave the password alone".
    if new_password != '':
        if new_password != confirmation:
            return jsonify({
                "err": 1,
                "msg": "Detected Password Change but Wrong Confirmation Password",
            })
        if not account.change_password(id, new_password):
            return jsonify({"err": 1, "msg": account.err_msg()})

    account.load_user(id)
    profile = account.get_data()

    # Only admin accounts carry an enterprise record to update.
    if profile['auth'] != 'admin':
        return jsonify({"err": 0, "msg": "Success"})

    # Fields are read in the same order as before, so a missing key fails at
    # the same point.
    name, email, phone, address, filesize, user_limit = [
        request.form[field]
        for field in ('name', 'email', 'phone', 'address', 'filesize',
                      'user_limit')
    ]

    enterprise_helper = enterprise.Enterprise()
    updated = enterprise_helper.update_enterprise(
        profile['id'], name, address, email, phone, filesize, user_limit)
    if not updated:
        return jsonify({"err": 1, "msg": enterprise_helper.error_msg()})

    return jsonify({"err": 0, "msg": "Success"})
Exemple #2
def get_user(id):
    """Return the record of user ``id`` as JSON for a privileged caller.

    Aborts with 403 when there is no logged-in session, when the caller's
    ``auth`` is ``'user'``, or when the requested record's ``auth`` is
    ``'root'``. Aborts with 404 when ``load_user`` returns ``False``. For an
    ``'admin'`` record the enterprise data is attached under ``enterprise``.
    """
    account = user.User()

    if session.get("login") is None:
        abort(403)

    # Resolve the caller's role from the stored record, not from the request.
    account.load_user(session['id'])
    caller = account.get_data()

    if caller['auth'] == 'user':
        abort(403)

    if id is None:
        return jsonify({"err": 1, "msg": "Must Have ID"})

    # NOTE(review): any non-'user' caller may read any non-root record here;
    # there is no visible check that the target belongs to the caller's own
    # enterprise. Confirm whether that scoping is intended or done elsewhere.
    target = account.load_user(id)
    if target is False:
        abort(404)

    role = target['auth']
    if role == 'root':
        abort(403)
    if role == 'admin':
        target['enterprise'] = enterprise.Enterprise().get_enterprise_by_user(
            target['id'])

    # NOTE(review): the record is serialised as loaded; verify that
    # load_user() does not include credential fields such as a password hash.
    return jsonify(target)
Exemple #3
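def users():
    """Render the user list and, on POST, create a new account.

    A ``root`` session creates ``admin`` accounts (plus their enterprise
    record); an ``admin`` session creates ``user`` accounts and passes its
    own session id as the ``admin`` argument of ``add_user``. On success the
    browser is redirected to ``/users``; otherwise ``user.html`` is rendered
    with ``err`` and ``msg`` set.

    Changes from the previous version:
    * the confirmation check used ``is not`` (object identity), which does
      not compare string contents; it now uses ``!=``;
    * a failed confirmation no longer falls through to ``add_user``;
    * a session whose role is neither ``root`` nor ``admin`` is refused
      instead of creating an account with an empty ``auth`` value;
    * a failed enterprise insert is reported instead of being redirected as
      a success.
    """
    user_helper = user.User()

    if session.get("login") is None:
        return redirect("/login")
    if session.get("lock") is True:
        return redirect("/lock")

    err = 0
    msg = ''

    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        confirm = request.form['confirm']

        # The role of the new account is derived from the caller's session,
        # never from the form.
        auth = ''
        admin = 0
        if session['auth'] == 'root':
            auth = 'admin'
        elif session['auth'] == 'admin':
            auth = 'user'
            admin = session['id']

        if auth == '':
            # Caller has no role that is allowed to create accounts.
            err = 1
            msg = "Permission Denied"
        elif confirm != password:
            err = 1
            msg = "Confirm Password Incorrect"
        elif not user_helper.add_user(username, password, auth, admin):
            err = 1
            msg = user_helper.err_msg()
        elif auth != "admin":
            return redirect("/users")
        else:
            # Add Enterprise Data
            name = request.form['enterprise-name']
            address = request.form['enterprise-address']
            email = request.form['enterprise-email']
            phone = request.form['enterprise-phone']
            filesize = request.form['enterprise-filesize']
            user_limit = request.form['enterprise-user']
            enterprise_helper = enterprise.Enterprise()

            # NOTE(review): assumes get_by_username() finds the account that
            # was just created; a falsy result would fail on u['id'].
            u = user_helper.get_by_username(username)

            if enterprise_helper.add_enterprise(name, address, email,
                                                phone, filesize,
                                                user_limit, u['id']):
                return redirect("/users")
            # The admin account exists at this point but has no enterprise
            # record; surface that rather than reporting success.
            err = 1
            msg = "Failed"

    all_user = None
    if session['auth'] == 'root':
        all_user = user_helper.get_all_admin()
    elif session['auth'] == 'admin':
        all_user = user_helper.get_enterprise_user(session['id'])
    session['page'] = 'users'
    return render_template("user.html", users=all_user, err=err, msg=msg)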
Exemple #4
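def add_user():
    """Create an account from the posted form and report the result as JSON.

    A ``root`` session creates ``admin`` accounts (plus their enterprise
    record); an ``admin`` session creates ``user`` accounts and passes its
    own session id as the ``admin`` argument of ``add_user``. The response
    is ``{'err': 0|1, 'msg': str}``.

    Changes from the previous version:
    * the confirmation check used ``is not`` (object identity), which does
      not compare string contents; it now uses ``!=``;
    * a failed confirmation returns immediately instead of still calling
      ``add_user`` and leaving a stale error in the response;
    * a session without a ``root``/``admin`` role (including a request with
      no session at all) is refused instead of creating an account with an
      empty ``auth`` value or failing on a missing session key.
    """
    user_helper = user.User()

    err = 0
    msg = ''

    if request.method == 'POST':
        username = request.form['username']
        email = request.form['email']
        password = request.form['password']
        confirm = request.form['confirm']

        # The role of the new account is derived from the caller's session,
        # never from the form.
        caller_role = session.get('auth')
        auth = ''
        admin = 0
        if caller_role == 'root':
            auth = 'admin'
        elif caller_role == 'admin':
            auth = 'user'
            admin = session['id']

        if auth == '':
            return jsonify({'err': 1, 'msg': "Permission Denied"})
        if confirm != password:
            return jsonify({'err': 1, 'msg': "Confirm Password Incorrect"})

        if user_helper.add_user(username, password, email, auth, admin):
            if auth == "admin":
                # Add Enterprise Data
                name = request.form['enterprise_name']
                address = request.form['enterprise_address']
                email = request.form['enterprise_email']
                phone = request.form['enterprise_phone']
                filesize = request.form['enterprise_filesize']
                user_limit = request.form['enterprise_user']
                enterprise_helper = enterprise.Enterprise()

                # NOTE(review): assumes get_by_username() finds the account
                # that was just created; a falsy result would fail on u['id'].
                u = user_helper.get_by_username(username)

                if enterprise_helper.add_enterprise(name, address, email,
                                                    phone, filesize,
                                                    user_limit, u['id']):
                    err = 0
                    msg = "Success"
                else:
                    # The admin account exists but has no enterprise record.
                    err = 1
                    msg = "Failed"
        else:
            err = 1
            msg = user_helper.err_msg()
    return jsonify({'err': err, 'msg': msg})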
Exemple #5
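def add_files():
    """Store an uploaded file in the caller's ``files`` folder.

    The ``file`` part of the request must be present, have a non-empty
    filename and pass ``allowed_file``. The name is sanitised with
    ``secure_filename`` before it is joined onto the target directory. The
    per-user ``files`` and ``project`` directories are created on demand and
    the upload is registered through ``fl.Files.add_file``.

    Returns a JSON response with ``err`` and ``msg`` (plus ``filename`` on
    success).

    Change from the previous version: a name that ``secure_filename``
    reduces to an empty string is rejected, instead of calling ``save`` with
    the directory path itself as the destination.
    """
    # Unused below; kept because the constructor may have side effects.
    enterprise_helper = enterprise.Enterprise()
    # check if the post request has the file part
    if 'file' not in request.files:
        return jsonify({"err": 1, "msg": "No File Part " + str(request.files)})
    file = request.files['file']
    # if user does not select file, browser also
    # submit a empty part without filename
    if file.filename == '':
        return jsonify({"err": 1, "msg": "No Selected File"})

    if not (file and allowed_file(file.filename)):
        return jsonify({"err": 1, "msg": "Extension not Allowed"})

    # Sanitise before touching the filesystem; the client controls this name.
    filename = secure_filename(file.filename)
    if not filename:
        return jsonify({"err": 1, "msg": "Invalid File Name"})

    file_helper = fl.Files()
    user_helper = user.User()
    # NOTE(review): no login check is visible here; session['id'] raises when
    # the request carries no session. Confirm the route is protected.
    user_helper.load_user(session['id'])
    user_data = user_helper.get_data()

    # Plain concatenation is kept on purpose: UPLOAD_FOLDER is appended
    # directly to the working directory, so os.path.join() could discard
    # ``basedir`` if the configured value starts with a separator.
    # NOTE(review): home_folder is used as a path component unchecked;
    # presumably it is server-generated — verify.
    home = (os.getcwd() + app.config['UPLOAD_FOLDER'] + "/" +
            user_data['home_folder'])
    target = home + "/files"
    for directory in (home, target, home + "/project"):
        if not os.path.exists(directory):
            os.makedirs(directory)

    # NOTE(review): an existing file with the same name is overwritten.
    file.save(os.path.join(target, filename))
    file_helper.add_file(filename, session['id'],
                         user_data['home_folder'] + "/files/" + filename)
    return jsonify({
        "err": 0,
        "msg": "Upload File Success",
        "filename": file.filename
    })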
Exemple #6
def api_user(id=None):
    """Handle GET, DELETE and PUT for a single user record.

    Requires a logged-in, unlocked session (otherwise redirects to
    ``/login`` or ``/lock``).

    * GET: returns the record of ``id`` as JSON; 404 for callers whose
      ``auth`` is ``'user'`` or when the record is missing, 403 when the
      record's ``auth`` is ``'root'``.
    * DELETE: deletes ``id`` and reports the outcome as JSON.
    * PUT: changes the username, optionally the password, and for ``admin``
      records the enterprise data; reports the outcome as JSON.
    """
    account = user.User()

    if session.get("login") is None:
        return redirect("/login")
    if session.get("lock") is True:
        return redirect("/lock")

    account.load_user(session['id'])
    caller = account.get_data()
    method = request.method

    if method == 'GET':
        if caller['auth'] == 'user':
            abort(404)

        if id is None:
            return jsonify({"err": "Must Have ID"})

        target = account.load_user(id)
        if target is False:
            abort(404)
        role = target['auth']
        if role == 'root':
            abort(403)
        if role == 'admin':
            target['enterprise'] = (
                enterprise.Enterprise().get_enterprise_by_user(target['id']))
        return jsonify(target)

    # NOTE(review): the role checks above apply to GET only. As far as this
    # function shows, DELETE and PUT act on ``id`` for any logged-in,
    # unlocked session, with no check of the caller's role, of the target's
    # role, or that ``id`` is the caller's own account. Confirm whether the
    # helpers or the route enforce that.
    if method == 'DELETE':
        if not account.delete_user(id):
            return jsonify({"err": 1, "msg": account.err_msg()})
        return jsonify({"err": 0, "msg": "Success"})

    if method == 'PUT':
        username = request.form['username']
        password = request.form['password']
        confirm = request.form['confirm']

        # The result of change_username() is not inspected.
        account.change_username(id, username)

        # An empty password field means "leave the password alone".
        if password != '':
            if password != confirm:
                return jsonify({
                    "err": 1,
                    "msg": "Detected Password Change but Wrong Confirmation Password",
                })
            if not account.change_password(id, password):
                return jsonify({"err": 1, "msg": account.err_msg()})

        account.load_user(id)
        target = account.get_data()

        if target['auth'] == 'admin':
            # Same read order as before, so a missing key fails at the same
            # point.
            name, email, phone, address, filesize, user_limit = [
                request.form[field]
                for field in ('name', 'email', 'phone', 'address', 'filesize',
                              'user_limit')
            ]

            enterprise_helper = enterprise.Enterprise()
            updated = enterprise_helper.update_enterprise(
                target['id'], name, address, email, phone, filesize,
                user_limit)
            if not updated:
                return jsonify({
                    "err": 1,
                    "msg": enterprise_helper.error_msg()
                })

        return jsonify({"err": 0, "msg": "Success"})