Exemple #1
0
def index():
    email_address = request.cookies.get("email")
    user = db.query(User).filter_by(email=email_address).first()

    users = db.query(User)
    print(users)
    return render_template("index.html", user=user, users=users)
Exemple #2
0
def dia():

    if request.method == "GET":
        if "username" in session:
            t_month = request.args.get('month')  # creo que es de tipo string
            t_year = request.args.get('year')
            t_day = request.args.get('day')
            month, year = current_month(t_month, t_year)
            # calendario_mes = monthcalendar(year, month)

            user = db.query(User).filter_by(
                username=session["username"]).first()
            citas = db.query(Cita).filter_by(user_id=user.id).all(
            )  # obtengo todas las citas, pero deberían ser las de ese día

            cita_dia = []
            print(citas)
            for cita in citas:
                if cita.fecha.year == int(t_year) and cita.fecha.month == int(
                        t_month) and cita.fecha.day == int(t_day):
                    cita_dia.append(cita)

            return render_template("dia.html",
                                   month=t_month,
                                   year=t_year,
                                   day=t_day,
                                   text_month=imprime_mes(month),
                                   citas_dia=cita_dia)
        else:
            pass
    elif register.method == "POST":
        pass
Exemple #3
0
def admin():
    global user

    chars = db.query(Character).all()
    users = db.query(User).all()
    db.commit()
    return render_template("/Nav-Pages/admin.html", users=users, chars=chars, admin=user.admin)
Exemple #4
0
def allusers():
    location = request.args.get("location", "Maribor")

    r = requests.get(f"{OWA}?q={location}&units=metric&appid={API_KEY}")

    tempwat = r.json()
    temperature = tempwat["main"]["temp"]

    weather = tempwat["weather"][0]["main"]

    session_token = request.cookies.get("session_token")

    user = db.query(User).filter_by(session_token=session_token).first()
    users = db.query(User).all()

    if user:
        return render_template(
            "users.html",
            user=user,
            users=users,
            location=location.title(),
            temperature=temperature,
            weather=weather,
        )

    else:
        "Please sign in or login if you want to go on that page."
        return render_template(
            "home.html",
            user=user,
            messages=messages,
            location=location.title(),
            temperature=temperature,
            weather=weather,
        )
Exemple #5
0
def is_allowed(request, routename, method='ALL', check_route=True):
    """
    Given a request_object, routename and method; returns True if current user has access to that route,
    otherwise returns False.

    If check_route if False, does not check the DB to see if the route is in the list of protected routes
    """

    if check_route:
        route = db.query(RoutePermission).filter_by(route_name=routename).first()
        if not route:
            return True

    if not isinstance(method, list):
        method = [method, ]

    user_permissions = request.session.get('auth_user_permissions', [])
    if request.session.get('auth_static_permission', None):
        user_permissions.append(request.session.get('auth_static_permission', None))

    has_permission = db.query(func.count(RoutePermission.permission)).filter(
                                            RoutePermission.route_name == routename).filter(
                                            RoutePermission.method.in_(method)).filter(
                                            RoutePermission.permission.in_(user_permissions)).scalar()

    if has_permission > 0:
        return True
    else:
        return False
def message_details(msg_id=None):
    if msg_id:
        msg = db.query(Mensaje).get(int(msg_id))

        if msg and msg.receiver == current_user.email:
            msg.read = True
            db.add(msg)
            db.commit()

            return render_template("messages.html",
                                   current_msg=msg,
                                   current_user=current_user)
        else:
            return "Message ID not valid!"
    else:
        messages = list(
            db.query(Mensaje).filter_by(receiver=current_user.email))

        messages.sort(key=lambda s: s.date)

        read = list(filter(lambda s: s.read, messages))
        non_read = list(filter(lambda s: not s.read, messages))

        for msg in non_read:
            msg.read = True
            db.add(msg)
            db.commit()

        return render_template("messages.html",
                               msg_read=read,
                               msg_non_read=non_read,
                               current_user=current_user)

    return render_template("messages.html", no_msg=True)
def index():
    if request.method == "GET":
        data = {}
        session_token = request.cookies.get("session_token")                        #guardamos el valor de la cookie session token en la variable session_token

        if session_token:
            user = db.query(User).filter_by(session_token=session_token).first()  #si tenemos una session token, miramos y comparamos en la base de datos
        else:                                                                       #si no creamos una instancia user vacia
            user = None

        data.update({'user': user})
        return render_template("index.html", data=data)


    elif request.method == "POST":
        guess = request.form.get('guess', False)
        email_address = request.cookies.get("email")
        user = db.query(User).filter_by(email=email_address).first()

        try:                    # compara si el valor introducido es un entero y si no lo es devuelve un error
            guess = int(guess)
        except Exception:
            data = {'result': False,
                    "user": user,
                    "error": 2}
            response = make_response(render_template("index.html", data=data))
            return response

        if guess > 30 or guess < 1:    #comprueba que ademas de ser un entero sea un valor comprendido entre 1 y 30, si no devuelve un error
            data = {'result': False,
                    "user": user,
                    "error": 1}
            response = make_response(render_template("index.html", data=data))
            return response

        if guess == int(user.secret_number):    # Si ha acertado:
            new_secret = random.randint(1, 30)
            user.secret_number = new_secret
            db.add(user)
            db.commit()
            new_wrong = wrong_guess.copy()
            data = {'result': True,
                    "wrong_guess": new_wrong,
                    "user": user}
            wrong_guess.clear()
            response = make_response(render_template("index.html", data=data))
            return response
        else:                              # Si no hemos acertado damos una pista para que pueda acertar
            if int(user.secret_number) < guess:
                data = {'result': False, # Diferentes lineas para mas orden y solo un diccionario con datos
                        'hint': "Demasiado grande, prueba algo mas pequeño",
                        'user': user}
            else:
                data = {'result': False,
                        'hint': "Demasiado pequeño, prueba algo mas grande",
                        'user': user}
            response = make_response(render_template("index.html", data=data))
            wrong_guess.append(guess)
        return response # Devolvemos  un response por pantalla,mostrando un mensaje segun si ha acertado o si ha puesto un numero mayor o menor
    return render_template("index.html")
def dashboard():
    form = Messageform()
    form.receiver_email.choices = get_choices(current_user)
    if request.method == "GET":
        messages = db.query(Mensaje).filter_by(receiver=current_user.email,
                                               read=False).all()
        users = db.query(User).all()
        return render_template("dashboard.html",
                               messages=messages,
                               form=form,
                               current_user=current_user,
                               users=users)

    else:
        if form.validate_on_submit():
            msg = Mensaje(subject=form.subject.data,
                          message=form.message.data,
                          receiver=form.receiver_email.data,
                          sender=current_user.email,
                          read=False)
            db.add(msg)
            db.commit()
            data = "Your message has been sent"
            return render_template("dashboard.html",
                                   data=data,
                                   form=form,
                                   current_user=current_user,
                                   msg=msg)
        else:
            data = "Error, review the entered data"
            return render_template("dashboard.html",
                                   data=data,
                                   form=form,
                                   current_user=current_user)
Exemple #9
0
def messenger(session_cookie):
    if request.method == "GET":
        user_all = db.query(User).all()
        user = db.query(User).filter_by(session_token=session_cookie).first()
        return render_template("messenger.html", session_cookie=user.session_token, email=user.email, user_all=user_all)

    elif request.method == "POST":
        user1 = db.query(User).filter_by(session_token=session_cookie).first()
        email = request.form.get("email")
        user2 = db.query(User).filter_by(email=email).first()
        text = request.form.get("text")
        if user2:
            text_received = f"From {user1.email}: {text}"
            if user2.text_received:
                text_received = user2.text_received + "|" + text_received
                user2.text_received = text_received
                db.add(user2)
                db.commit()
            else:
                user2.text_received = text_received
                db.add(user2)
                db.commit()

        if user1.text_sent:
            text_sent = f"To {email}: {text}"
            text_sent = user1.text_sent + "|" + text_sent
            user1.text_sent = text_sent
            db.add(user1)
            db.commit()
        else:
            user1.text_sent = f"To {email}: {text}"
            db.add(user1)
            db.commit()

        return render_template("sent.html", text=user1.text_sent, session_cookie=user1.session_token, email=user1.email)
def comments():
    session_token = request.cookies.get("session_token")

    # get user from the database based on her/his email address
    user = db.query(User).filter_by(session_token=session_token).first()
    users = db.query(User).all()
    comments = db.query(Comment).all()

    if request.method == "GET":
        if user:  # if user is found
            return render_template("comments.html", user=user, users=users, comments=comments, title="Leave a comment, and make us happy!")
        else:
            return redirect(url_for("index"))
    else:
        userid = request.form.get("user-id")
        usercomment = request.form.get("user-comment")

        # update the user object
        comment = Comment(userid=userid, comment=usercomment)

        # store changes into the database
        db.add(comment)
        db.commit()

        return redirect(url_for("comments"))
Exemple #11
0
def delete(msg_id):
    # Get session_token
    session_token = request.cookies.get("session_token")

    # Get the user from the database
    user = db.query(User).filter_by(session_token=session_token).first()

    # Get the message using msg_id from database
    message = db.query(Message).get(int(msg_id))

    # If the user.id matchs the message.receiver
    if user.id == message.receiver:

        # Delete the message from the database
        db.delete(message)
        db.commit()

        # Send the user to the index page
        return redirect(url_for("index"))

    # Else - the message does not belong to the user
    else:

        # Send the user to the index page
        return redirect(url_for("index"))
Exemple #12
0
def profile_edit():
    session_token = request.cookies.get("session_token")
    # get user
    password = request.form.get("user-password")

    user = db.query(User).filter_by(session_token=session_token).first()

    if request.method == "GET":
        if user:
            return render_template("profile_edit.html", user=user)
        else:
            return redirect(url_for("index"))

    elif request.method == "POST":

        user = db.query(User).filter_by(session_token=session_token).first()

        # ovdje mi nastane problem jer kada upišem stvarnu lozinku izbacuje mi "Wrong password! Go back and try again.",
        # tek kada kopiram hashed_password iz baze onda me šalje na change_password.html
        if password != user.password:
            return "Wrong password! Go back and try again."
        elif password == user.password:
            return render_template("change_password.html", user=user)

        password = request.form.get("user-password")

        # update user

        user.password = password
Exemple #13
0
def send():

    # Get the session_token
    session_token = request.cookies.get("session_token")

    # If session_token found
    if session_token:

        # Get the user from the database
        user = db.query(User).filter_by(session_token=session_token).first()

        # If get request -- i.e we just show the user the messages page
        if request.method == "GET":

            # Get all the users in the database
            users = db.query(User).all()

            # Send the user to the send html page, set user and users in return
            return render_template("send.html", user=user, users=users)

        # ELIF - post request
        elif request.method == "POST":

            # GET the receiver and message_body from the form
            receiver = request.form.get("receiver")
            message_body = request.form.get("message-body")

            # Get the receiver from the database
            rec_user = db.query(User).filter_by(name=receiver).first()

            # If receiver is found
            if rec_user:

                # Create a message object and set the send, receiver and message
                message = Message(sender=user.id,
                                  receiver=rec_user.id,
                                  message=message_body)

                # Save the message object to the database
                db.add(message)
                db.commit()

                # Send the user back to the index page
                return redirect(url_for("index"))

            # Else - receiver was not found
            else:

                # Send the user to the index page
                return redirect(url_for("index"))
        # Else - not a get or post request
        else:

            # Send the user to the index page
            return redirect(url_for("index"))
    # Else - no session_token found
    else:

        # Send the user to the index page
        return redirect(url_for("index"))
Exemple #14
0
def new_password():
    if request.method == "GET":
        session_token = request.cookies.get("session_token")
        user = db.query(User).filter_by(session_token=session_token).first()
        if user:
            return render_template("new_password.html")
        else:
            return redirect(url_for("index"))

    elif request.method == "POST":
        old_password = request.form.get("old-password")
        new_password = request.form.get("new-password")
        session_token = request.cookies.get("session_token")

        hashed_old_password = hashlib.sha256(old_password.encode()).hexdigest()
        user = db.query(User).filter_by(password=hashed_old_password,
                                        session_token=session_token).first()

        if user and new_password:
            hashed_new_password = hashlib.sha256(
                new_password.encode()).hexdigest()
            user.password = hashed_new_password
            db.add(user)
            db.commit()
            return redirect(url_for("profile"))
        else:
            return "Error authenticating user."
Exemple #15
0
def all_users():
    session_token = request.cookies.get("session_token")
    user = db.query(User).filter_by(session_token=session_token,
                                    deleted=False).first()

    # get data of all undeleted users from database
    users = db.query(User).filter_by(deleted=False).all()

    return render_template("users.html", users=users, user=user)
Exemple #16
0
def user_details(user_id):
    user = db.query(Persons).get(int(user_id))
    session["ID"] = user.ID
    HelicoptersByUser = db.query(Helicopter, Izposoje).join(
        Izposoje,
        Helicopter.ID == Izposoje.IDModela).filter_by(IDCloveka=user_id).all()
    return render_template("Admin/UserDetails.html",
                           user=user,
                           HelicoptersData=HelicoptersByUser)
Exemple #17
0
def ReturnedHelicopter():
    HelicopterID = request.form.get("Helicopter")
    helikopter = db.query(Helicopter).get(HelicopterID)
    helikopter.Rented = 0
    izposoja = db.query(Izposoje).filter_by(IsReturned=0,
                                            IDModela=HelicopterID).first()
    izposoja.DatumVrnitve = datetime.now()
    izposoja.IsReturned = 1
    db.session.commit()
    return render_template("AdminAndUser/ReturnedHelicopter.html")
Exemple #18
0
def ShowListOfHelicopters():
    helikopterji = db.query(Helicopter).filter_by(IsDeleted=0).all()
    userPriority = db.query(Persons.PriorityType).filter_by(
        SessionToken=request.cookies.get("session_token")).first()
    if userPriority.PriorityType == 1:
        return render_template("Admin/ShowListOfHelicopters.html",
                               dataHelikopterji=helikopterji)
    else:
        return render_template("User/UserShowListOfHelicopters.html",
                               dataHelikopterji=helikopterji)
def deleteNotes(list_id):
    itemlist = db.query(List).get(int(list_id))
    items = db.query(Item).filter_by(lid = itemlist.id)
    for item in items:
        if not item.active:
            db.delete(item)

    db.commit()

    return redirect("/{0}".format(itemlist.id))
Exemple #20
0
def all_users():
    session_token = request.cookies.get("session_token")

    # get user who is logged in from the database based on her/his session token address
    user = db.query(User).filter_by(session_token=session_token).first()

    # get ALL users from the database
    users = db.query(User).all()

    return render_template("users.html", user=user, users=users)
Exemple #21
0
def index():
    if request.method == "GET":
        todos_db = db.query(Todo).all()
        return render_template("index.html", todos_template=todos_db)
    else:
        todo = request.form.get("todo")
        new_todo = Todo(todo=todo, check=False)
        db.add(new_todo)
        db.commit()
        todos_db = db.query(Todo).all()
        return render_template("index.html", todos_template=todos_db)
Exemple #22
0
def copy(char_char_name):
    global user
    global user_characters

    chars = db.query(Character).filter_by(char_name=char_char_name).first()
    char = Character(user_name=user.name, char_name=chars.char_name, ethnie=chars.ethnie, age=chars.age,
                     height=chars.height)
    db.add(char)
    db.commit()
    user_characters = db.query(Character).filter_by(user_name=user.name).all()
    return render_template("/Nav-Pages/characters.html", character_list=user_characters, admin=user.admin)
Exemple #23
0
def test(test_name):
    test = db.query(Test).filter_by(title=test_name).first()
    # print('Found iD: ', test.id)
    questions = db.query(Question).filter_by(test_id=test.id).all()
    count = len(questions)
    # print('Found Questions: ', questions)
    response = make_response(
        render_template("test.html",
                        test=test_name,
                        count=count,
                        question_number=0))
    return response
Exemple #24
0
def profile_change_password():
    if request.method == "GET":
        session_cookie = request.cookies.get("session_cookie")
        user_change = db.query(User).filter_by(session_token=session_cookie).first()
        return render_template("login.html", change_password=True, email=user_change.email)
    elif request.method == "POST":
        session_cookie = request.cookies.get("session_cookie")
        user_change = db.query(User).filter_by(session_token=session_cookie).first()
        password = hashlib.sha256(request.form.get("password").encode("utf-8")).hexdigest()
        user_change.password = password
        db.commit()
        return redirect(url_for("login", logged_in=True, email=user_change.email))
Exemple #25
0
def user_details(user_id):
    session_token = request.cookies.get("session_token")

    # get user who is logged in from the database based on her/his session token address
    user = db.query(User).filter_by(session_token=session_token).first()

    # Get the user of which you want to show the profile
    target_user = db.query(User).get(int(user_id))

    return render_template("user_details.html",
                           user=user,
                           target_user=target_user)
Exemple #26
0
def list_users():
    session_token = request.cookies.get("session_token")
    user = db.query(User).filter_by(session_token=session_token).first()
    if user is None:
        response = make_response(
            redirect(url_for("login"))
        )
        return response

    users = db.query(User).all()

    return render_template("list_users.html", users=users, user=user)
Exemple #27
0
def calendario():

    if request.method == "GET":

        if "username" in session:
            t_month = request.args.get('month')  # creo que es de tipo string
            t_year = request.args.get('year')
            action = request.args.get('action')
            user = db.query(User).filter_by(
                username=session["username"]).first()
            url_imagen = "../static/img/" + user.photo

            if t_month and t_year and action:
                if action == "previous":
                    month, year = previous_month(t_month, t_year)
                    calendario_mes = monthcalendar(year, month)
                elif action == "next":
                    month, year = next_month(t_month, t_year)
                    calendario_mes = monthcalendar(year, month)
                elif action == "current":
                    month, year = current_month(t_month, t_year)
                    calendario_mes = monthcalendar(year, month)
            else:
                month = date.today().month
                year = date.today().year
                calendario_mes = monthcalendar(year, month)

            user = db.query(User).filter_by(
                username=session["username"]).first()
            citas = db.query(Cita).filter_by(user_id=user.id).all(
            )  # obtengo todas las citas, pero deberían ser las de ese día

            citas_mes = []

            for cita in citas:  # guardo en citas_mes todas las citas del mes
                if cita.fecha.year == year and cita.fecha.month == month:
                    citas_mes.append(cita)

            dias = []
            for cita in citas_mes:
                dias.append(cita.fecha.day)

            return render_template("calendario.html",
                                   calendario_mes=calendario_mes,
                                   month=month,
                                   year=year,
                                   text_month=imprime_mes(month),
                                   username=user.username,
                                   url_imagen=url_imagen,
                                   dias_cita=dias)

        else:
            return "No estás logueado"
def index():
    session_token = request.cookies.get("session_token")
    if session_token:
        user = db.query(User).filter_by(session_token=session_token).first()
        userID = user.id
        todo_lists = db.query(List).all()
        if len(todo_lists) > 0 :
            lists = db.query(List).filter_by(uid = userID)
            return render_template("dashboard.html", user=user, lists=lists)
        return render_template("dashboard.html", user=user)
    else:
        user = None
        return render_template("index.html")
def renameList(list_id):
    itemlist = db.query(List).get(int(list_id))
    session_token = request.cookies.get("session_token")
    user = db.query(User).filter_by(session_token=session_token).first()
    if request.method == "GET":
       return render_template("renamelist.html", itemlist=itemlist, user=user)
    if request.method == "POST":
        newListName = request.form.get("newListName")
        itemlist.list_name = newListName

        db.add(itemlist)
        db.commit()
        return redirect(url_for("index"))
def deleteList(list_id):
    itemlist = db.query(List).get(int(list_id))
    session_token = request.cookies.get("session_token")
    user = db.query(User).filter_by(session_token=session_token).first()
    if request.method == "GET":
       return render_template("deletelist.html", itemlist=itemlist, user=user)
    if request.method == "POST":
        items = db.query(Item).filter_by(lid=itemlist.id)
        for item in items:
                db.delete(item)
        db.delete(itemlist)
        db.commit()
        return redirect(url_for("index"))