def adminview():
if session.get('user_auth_key'):
try:
title = app.config.get('PAGETITLE') if app.config.get('PAGETITLE') else ''
uname = session.get('uname') if session.get('uname') else None
#
addf = AddEntryForm(request.form)
addf.authors_list.choices = [(str(item.id),item.imja) for item in sess.query(Author).all()]
addf.books_list.choices = [(str(item.id),item.nazva) for item in sess.query(Book).all()]
#
#
editf = UpdateEntryForm(request.form)
editf.authors_list.choices = [(str(item.id),item.imja) for item in sess.query(Author).all()]
editf.books_list.choices = [(str(item.id),item.nazva) for item in sess.query(Book).all()]
#
############################################################
books = [(item.id,item.nazva,','.join([autor.imja for autor in item.authors])) for item in sess.query(Book).all()]
authors = [(item.id,item.imja) for item in sess.query(Author).all()]
return render_template('components/adm_workspace.html',
title=title,
uname=uname,
addf=addf,
editf=editf,
books=books,
authors=authors)
except:
abort(404)
else:
abort(404)
def loginview():
title = app.config.get('PAGETITLE') if app.config.get('PAGETITLE') else ''
uname=None
af = AutForm(request.form)
########### РОБОТА ФОРМИ АВТОРИЗАЦІЇ ##############
if request.method == 'POST':
tkn = session.pop('_csrf_sess',None)
#af = AutForm(request.form)
if af.validate() and (tkn and request.form.get('_csrf_token') == tkn):
##
try:
registered = sess.query(Elibr_User).\
filter(Elibr_User.nickname == af.u_login.data,Elibr_User.password ==enc224(af.u_passw.data)).count()
# авторизація пройдена, якщо запис користувача є в БД
if int(registered) == 1:
session['user_auth_key'] = enc224('{0}__{1}'.format(af.u_login.data,af.u_passw.data))
session['uname'] = uname =af.u_login.data
return redirect(url_for('indexview'))
else:
flash('Такого користувача немає!'.decode('UTF-8'))
return render_template('components/autf.html',title = title,af=af)
except:
return render_template('components/autf.html',title = title,af=af)
else:
return render_template('components/autf.html',title = title,af=af)
#####################################################
return render_template('components/autf.html',title = title,af=af)
def registerview():
title = app.config.get('PAGETITLE') if app.config.get('PAGETITLE') else ''
uname=None
rf = RegForm(request.form)
#################################################
if not session.get('user_auth_key'):
if request.method == 'POST':
tkn = session.pop('_csrf_sess',None)
#rf = RegForm(request.form)
if rf.validate() and (request.form.get('_csrf_token') == tkn):
try:
# перевірка на дублікати
registered = sess.query(Elibr_User).\
filter(Elibr_User.nickname == rf.r_login.data,Elibr_User.password ==enc224(rf.r_passw.data)).count()
# якщо дублікатів немає - реєструємо нового користувача
nu_eu = Elibr_User()
nu_eu.nickname =rf.r_login.data
nu_eu.password=enc224(rf.r_passw.data)
sess.add(nu_eu)
sess.commit()
session['user_auth_key'] = enc224('{0}__{1}'.format(nu_eu.nickname,nu_eu.password))
session['uname']=uname=nu_eu.nickname
return redirect(url_for('indexview'))
except:
return render_template('components/regf.html',title=title,rf=rf)
else:
return render_template('components/regf.html',title=title,rf=rf)
return render_template('components/regf.html',title=title,rf=rf)
else:
return redirect(url_for('indexview'))
def optionsview(option=None):
options =('add','delete','update')
if option is None:
return redirect(url_for('adminview'))
else:
if session.get('user_auth_key'):
#
addf = AddEntryForm(request.form)
addf.authors_list.choices = [(str(item.id),item.imja) for item in sess.query(Author).all()]
addf.books_list.choices = [(str(item.id),item.nazva) for item in sess.query(Book).all()]
#
if request.method == 'POST':
if option in options:
if option == 'add':
if addf.validate():
if addf.addtype.data == 'books':
book = Book()
book.nazva = addf.add.data
if isinstance(addf.authors_list.data,(list,tuple)):
a_ids=[int(item) for item in addf.authors_list.data]
book.authors=list(sess.query(Author).filter(Author.id.in_(a_ids)))
sess.add(book)
sess.commit()
elif addf.addtype.data == 'authors':
author = Author()
author.imja = addf.add.data
if isinstance(addf.books_list.data,(list,tuple)):
b_ids=[int(item) for item in addf.books_list.data]
author.books=list(sess.query(Book).filter(Book.id.in_(b_ids)))
sess.add(author)
sess.commit()
return redirect(url_for('adminview'))
if option == 'delete':
if request.args.get('a'):
try:
aut = int(request.args.get('a'))
sess.query(Author).filter_by(id=aut).delete()
sess.commit()
except:
pass
elif request.args.get('b'):
try:
buk = int(request.args.get('b'))
sess.query(Book).filter_by(id=buk).delete()
sess.commit()
except:
pass
return redirect(url_for('adminview'))
else:
return redirect(url_for('indexview'))
def indexview():
title = app.config.get('PAGETITLE') if app.config.get('PAGETITLE') else ''
uname = session.get('uname') if session.get('uname') else None
#####################################
try:
books = [(item.id,item.nazva,','.join([autor.imja for autor in item.authors])) for item in sess.query(Book).all()]
except:
books = None
############ РОБОТА ФОРМИ ПОШУКУ ##################
if request.method == 'POST':
sf = SearchForm(request.form)
if sf.validate():
try:
searchbooks = sess.query(Book).filter(or_(Book.nazva == sf.searchf.data,
Book.nazva.startswith(sf.searchf.data),
Book.nazva.contains(sf.searchf.data),
Book.nazva.endswith(sf.searchf.data)
))
books = [(item.id,item.nazva,','.join([autor.imja for autor in item.authors])) for item in searchbooks]
searchauthors = sess.query(Author).filter(or_(Author.imja == sf.searchf.data,
Author.imja.startswith(sf.searchf.data),
Author.imja.contains(sf.searchf.data),
Author.imja.endswith(sf.searchf.data)
))
books2=[]
for item in searchauthors:
for b in item.books:
books2.append((b.id,b.nazva,','.join([autor.imja for autor in b.authors])))
books = books + books2
except:
books=None
else:
pass
###################################################
# якщо користувач не авторизований - він бачить дефолтну першу сторінку
# авторизований користувач входить на першу для авторизованих
if not session.get('user_auth_key'):
return render_template('components/page.html',title=title,books=books)
else:
return render_template('components/page_aut.html',title=title,uname=uname,books=books)
def updateview():
if session.get('user_auth_key'):
title = app.config.get('PAGETITLE') if app.config.get('PAGETITLE') else ''
uname = session.get('uname') if session.get('uname') else None
upd=None
#
editf = UpdateEntryForm(request.form)
editf.authors_list.choices = [(str(item.id),item.imja) for item in sess.query(Author).all()]
editf.books_list.choices = [(str(item.id),item.nazva) for item in sess.query(Book).all()]
############# РОБОТА ФОРМИ ##################
if request.method == 'POST':
if editf.validate():
if editf.edittype.data == 'books':
buk = sess.query(Book).get(editf.upd_id.data)
buk.nazva = editf.upd.data
a_ids=[int(item) for item in editf.authors_list.data]
buk.authors=list(sess.query(Author).filter(Author.id.in_(a_ids)))
sess.add(buk)
sess.commit()
elif editf.edittype.data == 'authors':
pass
return redirect(url_for('adminview'))
##############################################
else:
if request.args.get('a') or request.args.get('b'):
if request.args.get('a'):
aut_id = int(request.args.get('a'))
aut_item = sess.query(Author).get(aut_id)
upd = (str(aut_item.id),aut_item.imja,'authors')
elif request.args.get('b'):
buk_id = int(request.args.get('b'))
buk_item = sess.query(Book).get(buk_id)
upd = (str(buk_item.id),buk_item.nazva,'books')
return render_template('components/editf.html',
title=title,
uname=uname,
editf=editf,
upd = upd
)
else:
return redirect(url_for('adminview'))
else:
return redirect(url_for('indexview'))