def patients_process():
try:
errors = list()
priemn_postup = None
priemn_vypis = None
priemn_perevod = None
priemn_umerlo = None
if request.method == 'POST':
try:
data_obj = Patients_Process()
except AttributeError, e:
errors.append(
u'<strong>Не настроено подключение к БД ЛПУ.</strong> '
u'Заполните <a href="{}">настройки</a> подключения.'.
format(url_for('.settings')))
else:
try:
start = datetime.strptime(request.form['start'],
'%d.%m.%Y')
end = datetime.strptime(request.form['end'], '%d.%m.%Y')
except ValueError:
errors.append(u'Некорректно указаны даты')
else:
priemn_postup = data_obj.get_priemn_postup(start, end)
priemn_vypis = data_obj.get_priemn_vypis(start, end)
priemn_perevod = data_obj.get_priemn_perevod(start, end)
priemn_umerlo = data_obj.get_priemn_umerlo(start, end)
return render_template('reports/patients_process/index.html',
form=Form(),
priemn_postup=priemn_postup,
priemn_vypis=priemn_vypis,
priemn_perevod=priemn_perevod,
priemn_umerlo=priemn_umerlo,
errors=errors)
def sickness_rate_diagnosis():
current_app.jinja_env.filters['datetimeformat'] = datetimeformat
try:
errors = list()
data = None
if request.method == 'POST':
try:
data_obj = Sickness_Rate_Diagnosis()
except AttributeError, e:
errors.append(
u'<strong>Не настроено подключение к БД ЛПУ.</strong> '
u'Заполните <a href="{}">настройки</a> подключения.'.format(url_for('.settings')))
else:
try:
start = datetime.strptime(request.form['start'], '%d.%m.%Y')
end = datetime.strptime(request.form['end'], '%d.%m.%Y')
except ValueError:
errors.append(u'Некорректно указаны даты')
else:
if request.form['diagnosis']:
data = data_obj.get_vypds(request.form['diagnosis'], start, end)
else:
errors.append(u'Не указан диагноз')
return render_template('reports/sickness_rate_diagnosis/index.html',
form=Form(),
data=data,
errors=errors)
def discharged():
try:
errors = list()
data = None
if request.method == 'POST':
try:
data_obj = Discharged_Patients()
except AttributeError, e:
errors.append(
u'<strong>Не настроено подключение к БД ЛПУ.</strong> '
u'Заполните <a href="{}">настройки</a> подключения.'.
format(url_for('.settings')))
else:
try:
start = datetime.strptime(request.form['start'],
'%d.%m.%Y')
end = datetime.strptime(request.form['end'], '%d.%m.%Y')
except ValueError:
errors.append(u'Некорректно указаны даты')
else:
data = data_obj.get_vypis(start, end)
return render_template('reports/discharged/index.html',
form=Form(),
data=data,
errors=errors)
def edit_campaign(campaign_id):
response = sg.client.campaigns._(campaign_id).get()
campaign = json.loads(response.response_body)
list_name = None
try:
list_id = campaign['list_ids'][0]
list_response = sg.client.contactdb.lists._(list_id).get()
list_details = json.loads(list_response.response_body)
list_name = list_details['name']
except IndexError:
list_id = 'null'
list_name = "No list selected"
schedule = Form()
if schedule.validate_on_submit():
date_unicode = request.form['datetime']
schedule = datetime.strptime(date_unicode, '%Y-%m-%dT%H:%M')
send_at = int(mktime(schedule.timetuple()))
print(send_at)
request_body = {"send_at": send_at}
if campaign['s tatus'] == 'Draft':
sg.client.campaigns._(campaign_id).schedules.post(
request_body=request_body)
elif campaign['status'] == 'Scheduled':
sg.client.campaigns._(campaign_id).schedules.patch(
request_body=request_body)
flash("The campaign has been scheduled.")
return render_template('campaign_page.html',
campaign=campaign,
campaign_id=campaign_id,
list_name=list_name,
schedule=schedule)
def login():
if request.method == 'GET':
form = Form()
return render_template('login.html', form=form)
elif request.method == 'POST':
form = admin.login()
if form.validate_on_submit():
if form.vcode.data != session['verification_code']:
flash({u'invalid_v_code': ['verification code not correct']},
'error')
return redirect('login')
else:
flash(form.errors, 'error')
return redirect('login')
secure_password = hashlib.sha1(form.email.data +
form.password.data).hexdigest()
secure_password_md5 = hashlib.md5(secure_password).hexdigest()
user = Admin.query.filter(Admin.email == form.email.data).\
filter(Admin.password == secure_password_md5).first()
if user is None:
flash({u'user_not_exists': [u'user not exists']}, 'error')
return redirect('login')
login_user(user, remember=False)
return redirect(request.args.get('next') or url_for('index'))
def user_delete(username):
title = "Delete user"
if not ldap_user_exists(username=username):
abort(404)
form = Form(request.form)
if form.validate_on_submit():
try:
user = ldap_get_user(username=username)
ldap_delete_entry(user['distinguishedName'])
flash("User successfuly deleted.", "success")
return redirect(url_for('core_index'))
except ldap.LDAPError as e:
error = e.message['info'].split(":", 2)[-1].strip()
error = str(error[0].upper() + error[1:])
flash(error, "error")
elif form.errors:
flash("Some fields failed validation.", "error")
return render_template("pages/user_delete.html",
title=title,
action="Delete user",
form=form,
username=username,
parent=url_for('user_overview',
username=username))
def delete(puppy_id):
puppy = Puppy.query.filter_by(id=puppy_id).one()
# we can use a generic form, since there are no fields
form = Form()
if form.validate_on_submit():
db.session.delete(puppy)
db.session.commit()
flash(puppy.name + " was put to sleep.")
return redirect(url_for("puppies.list_all"))
return render_template("puppies/delete.jinja2", form=form, puppy=puppy)
def delete(shelter_id):
shelter = Shelter.query.filter_by(id=shelter_id).one()
form = Form()
if form.validate_on_submit():
db.session.delete(shelter)
db.session.commit()
flash(shelter.name + " was deleted from the database.")
return redirect(url_for("shelters.list_all"))
return render_template("shelters/delete.jinja2",
form=form,
shelter=shelter)
def delete(adopter_id):
adopter = Adopter.query.filter_by(id=adopter_id).one()
# we can use a generic form, since there are no fields
form = Form()
if form.validate_on_submit():
db.session.delete(adopter)
db.session.commit()
flash(adopter.name + " was deleted from the database.")
return redirect(url_for("adopters.list_all"))
return render_template("adopters/delete.jinja2",
form=form,
adopter=adopter)
def authenticate():
try:
form = Form()
user = auth_provider.authenticate(form)
if login_user(user, remember=form.remember.data):
redirect_url = get_post_login_redirect()
identity_changed.send(app, identity=Identity(user.id))
logger.debug(DEBUG_LOGIN % (user, redirect_url))
return redirect(redirect_url)
raise BadCredentialsError(FLASH_INACTIVE)
except BadCredentialsError, e:
message = '%s' % e
do_flash(message, 'error')
redirect_url = request.referrer or login_manager.login_view
logger.error(ERROR_LOGIN % (message, redirect_url))
return redirect(redirect_url)
def inject_common_values():
form = Form(csrf_enabled=True)
ga_id = app.config['CDW']['google_analytics_id']
ga_id = None if ga_id == 'None' or ga_id == '' else ga_id
intro_video_id = app.config['CDW']['intro_video_id']
return {
'facebook_app_id':
app.config['SOCIAL_PROVIDERS']['facebook']['oauth']['consumer_key'],
'google_analytics_id':
ga_id,
'media_root':
app.config['MEDIA_ROOT'],
'csrf_token':
form.csrf_token,
'intro_video_id':
intro_video_id,
'local_request':
app.config['LOCAL_REQUEST']
}
def group_delmember(groupname, member):
title = "Remove group member"
group = ldap_get_group(groupname)
if not group or 'member' not in group:
abort(404)
member = ldap_get_entry_simple({'sAMAccountName': member})
if not member:
abort(404)
if not member['distinguishedName'] in group['member']:
abort(404)
form = Form(request.form)
if form.validate_on_submit():
try:
members = group['member']
members.remove(member['distinguishedName'])
ldap_update_attribute(group['distinguishedName'], "member",
members)
flash("Member removed.", "success")
return redirect(url_for('group_overview', groupname=groupname))
except ldap.LDAPError as e:
error = e.message['info'].split(":", 2)[-1].strip()
error = str(error[0].upper() + error[1:])
flash(error, "error")
elif form.errors:
flash("Some fields failed validation.", "error")
return render_template("pages/group_delmember.html",
title=title,
action="Remove group member",
form=form,
member=member['sAMAccountName'],
group=group['sAMAccountName'],
parent=url_for('group_overview',
groupname=groupname))
def user_add():
if request.method == 'POST':
form = manage.AddUserForm()
if form.validate_on_submit():
if add_new_user(form):
if form.enable.data:
try:
ss.add_port(form.port.data, form.password.data)
except:
import traceback
traceback.print_exc()
logging.error('add service on port[%s] failed')
return jsonify(
info='error:Add service on port[%s] failed' %
form.port.data)
else:
return jsonify(info='error:Add new user failed')
else:
return jsonify(info='error:Form validate failed')
send_mail(form.email.data, form.port.data, form.password.data)
return jsonify(info='success',
service={
'port': form.port.data,
'password': form.password.data
})
elif request.method == 'GET':
form = Form()
return render_template("add.html",
form=form,
email=g.user.get_username(),
host=app.config.get('HOST_URL'),
port=get_valid_port(),
password=utils.generate_password(),
transfer=app.config.get('USER_INIT_TRANSFER') //
BYTE_TO_GIGABYTE,
environment=app.config.get('ENVIRONMENT'),
active_user_new='active')
def sickness_rate_blocks():
try:
errors = list()
sickness_rate_blocks = None
if request.method == 'POST':
try:
data_obj = Sickness_Rate_Blocks()
except AttributeError, e:
errors.append(
u'<strong>Не настроено подключение к БД ЛПУ.</strong> '
u'Заполните <a href="{}">настройки</a> подключения.'.format(url_for('.settings')))
else:
try:
start = datetime.strptime(request.form['start'], '%d.%m.%Y')
end = datetime.strptime(request.form['end'], '%d.%m.%Y')
except ValueError:
errors.append(u'Некорректно указаны даты')
else:
sickness_rate_blocks = data_obj.get_sickness_rate_blocks(start, end)
return render_template('reports/sickness_rate_blocks/index.html',
form=Form(),
sickness_rate_blocks=sickness_rate_blocks,
errors=errors)
def get_csrf_headers():
form = Form()
return {'X-CSRF-Token': form.csrf_token._value()}
def userlist(page=1, pending=False, sponsored=False, rolloffs=False):
# We need to make sure sponsors without admin/labstaff permissions don't go
# browsing through all the users data
domains = g.user.get_domains()
if ((sponsored and 'sponsor' not in domains) or
(not sponsored and (not g.user_is_labstaff) and (not g.user_is_admin))
or (rolloffs and (not g.user_is_labstaff) and
(not g.user_is_admin))):
flash("Unauthorized.")
return redirect('index')
if (pending or rolloffs) and request.method == "POST":
form = Form(request.form)
if not form.validate():
flash("There was an error with your submission.")
redirect(request.url)
users = [
user for user, value in request.form.iteritems()
if value == 'approve'
]
if rolloffs:
users = [user for user, value in request.form.iteritems()]
users = [User.username == user for user in users]
if len(users) > 0:
query = User.query.filter(or_(*users))
if sponsored:
# Filter and make sure we only get this sponsors users, for security
query = query.filter(User.sponsor == g.user.username)
users = query.all()
for user in users:
if sponsored:
user.status = 'pending_labstaff'
elif rolloffs:
user.status = 'pending_rolloff'
else:
user.status = 'pending_create'
db.session.add(user)
db.session.commit()
# here we handle denying accounts:
users = [
user for user, value in request.form.iteritems() if value == 'deny'
]
users = [User.username == user for user in users]
if len(users) > 0:
query = User.query.filter(or_(*users))
if sponsored:
query = query.filter(User.sponsor == g.user.username)
users = query.all()
for user in users:
# send rejection emails, silent reject if comments are empty
if sponsored:
mail.sponsor_reject(user)
elif g.user_is_admin:
mail.admin_reject(user)
# drop rejected users
db.session.delete(user)
db.session.commit()
query = User.query
sort = 'username'
sort_col = User.username
sort_dir = asc
cols = {
'username': User.username,
'uid': User._uid,
'sponsor': User.sponsor,
'email': User.email,
'name': User.last_name,
'last_name': User.last_name,
'first_name': User.first_name,
'status': User.status,
'grad_date': User._grad_date
}
# Let's make the filter form
class FilterForm(Form):
pass
for field, col in cols.iteritems():
setattr(FilterForm, field, TextField())
filter_form = FilterForm(request.args)
if 'sort' in request.args:
if request.args['sort'] in cols:
sort = request.args['sort']
sort_col = cols[request.args['sort']]
if 'dir' in request.args and request.args['dir'] == 'desc':
sort_dir = desc
if sponsored:
query = query.filter(User.sponsor == g.user.username)
if pending:
query = query.filter(User.status == 'pending_sponsor')
else:
query = query.filter(User.status != 'pending_sponsor')
elif rolloffs:
now = date.today()
query = query.filter(User._grad_date <= now)
query = query.filter(User.status != 'pending_sponsor')
query = query.filter(User.status != 'pending_labstaff')
query = query.filter(User.status != 'pending_rolloff')
else:
if pending:
query = query.filter(User.status == 'pending_labstaff')
# else:
# query = query.filter(User.status != 'pending_labstaff')
# query = query.filter(User.status != 'pending_sponsor')
for field, col in cols.iteritems():
if field in request.args:
if request.args[field].strip() == "":
continue
query = query.filter(col.like(request.args[field].strip()))
query = query.order_by(sort_dir(sort_col))
page = query.paginate(page)
if pending:
# Patch a Form. This allows us to keep our CSRF protection
class F(Form):
pass
for user in page.items:
setattr(
F, user.username,
RadioField(choices=[('approve', 'Approve'),
('postpone', 'Postpone'),
('deny', 'Deny')],
validators=[validators.Required()]))
# Flask-WTForms likes to pull data from request.form. Force it not to.
form = F(ImmutableMultiDict())
# We do this after the fact so WTForms can do some of its binding
for user in page.items:
user.radio = getattr(form, user.username)
user.radio.data = 'postpone'
if sponsored:
template = 'sponsorship_requests.html'
else:
template = 'list_pending_users.html'
elif rolloffs:
class rolloffCheckbox(Form):
pass
for user in page.items:
setattr(rolloffCheckbox, user.username, BooleanField())
form = rolloffCheckbox(ImmutableMultiDict())
for user in page.items:
user.checkbox = getattr(form, user.username)
template = 'list_upcoming_rolloffs.html'
else:
form = Form()
if sponsored:
template = 'sponsored_users.html'
else:
template = 'userlist.html'
return render_template(template,
page=page,
sort=sort,
sort_dir='asc' if sort_dir == asc else 'desc',
form=form,
filter_form=filter_form)
def create():
return render_template('new.html', form=Form())
