def patients_process(): try: errors = list() priemn_postup = None priemn_vypis = None priemn_perevod = None priemn_umerlo = None if request.method == 'POST': try: data_obj = Patients_Process() except AttributeError, e: errors.append( u'<strong>Не настроено подключение к БД ЛПУ.</strong> ' u'Заполните <a href="{}">настройки</a> подключения.'. format(url_for('.settings'))) else: try: start = datetime.strptime(request.form['start'], '%d.%m.%Y') end = datetime.strptime(request.form['end'], '%d.%m.%Y') except ValueError: errors.append(u'Некорректно указаны даты') else: priemn_postup = data_obj.get_priemn_postup(start, end) priemn_vypis = data_obj.get_priemn_vypis(start, end) priemn_perevod = data_obj.get_priemn_perevod(start, end) priemn_umerlo = data_obj.get_priemn_umerlo(start, end) return render_template('reports/patients_process/index.html', form=Form(), priemn_postup=priemn_postup, priemn_vypis=priemn_vypis, priemn_perevod=priemn_perevod, priemn_umerlo=priemn_umerlo, errors=errors)
def sickness_rate_diagnosis(): current_app.jinja_env.filters['datetimeformat'] = datetimeformat try: errors = list() data = None if request.method == 'POST': try: data_obj = Sickness_Rate_Diagnosis() except AttributeError, e: errors.append( u'<strong>Не настроено подключение к БД ЛПУ.</strong> ' u'Заполните <a href="{}">настройки</a> подключения.'.format(url_for('.settings'))) else: try: start = datetime.strptime(request.form['start'], '%d.%m.%Y') end = datetime.strptime(request.form['end'], '%d.%m.%Y') except ValueError: errors.append(u'Некорректно указаны даты') else: if request.form['diagnosis']: data = data_obj.get_vypds(request.form['diagnosis'], start, end) else: errors.append(u'Не указан диагноз') return render_template('reports/sickness_rate_diagnosis/index.html', form=Form(), data=data, errors=errors)
def discharged(): try: errors = list() data = None if request.method == 'POST': try: data_obj = Discharged_Patients() except AttributeError, e: errors.append( u'<strong>Не настроено подключение к БД ЛПУ.</strong> ' u'Заполните <a href="{}">настройки</a> подключения.'. format(url_for('.settings'))) else: try: start = datetime.strptime(request.form['start'], '%d.%m.%Y') end = datetime.strptime(request.form['end'], '%d.%m.%Y') except ValueError: errors.append(u'Некорректно указаны даты') else: data = data_obj.get_vypis(start, end) return render_template('reports/discharged/index.html', form=Form(), data=data, errors=errors)
def edit_campaign(campaign_id): response = sg.client.campaigns._(campaign_id).get() campaign = json.loads(response.response_body) list_name = None try: list_id = campaign['list_ids'][0] list_response = sg.client.contactdb.lists._(list_id).get() list_details = json.loads(list_response.response_body) list_name = list_details['name'] except IndexError: list_id = 'null' list_name = "No list selected" schedule = Form() if schedule.validate_on_submit(): date_unicode = request.form['datetime'] schedule = datetime.strptime(date_unicode, '%Y-%m-%dT%H:%M') send_at = int(mktime(schedule.timetuple())) print(send_at) request_body = {"send_at": send_at} if campaign['s tatus'] == 'Draft': sg.client.campaigns._(campaign_id).schedules.post( request_body=request_body) elif campaign['status'] == 'Scheduled': sg.client.campaigns._(campaign_id).schedules.patch( request_body=request_body) flash("The campaign has been scheduled.") return render_template('campaign_page.html', campaign=campaign, campaign_id=campaign_id, list_name=list_name, schedule=schedule)
def login(): if request.method == 'GET': form = Form() return render_template('login.html', form=form) elif request.method == 'POST': form = admin.login() if form.validate_on_submit(): if form.vcode.data != session['verification_code']: flash({u'invalid_v_code': ['verification code not correct']}, 'error') return redirect('login') else: flash(form.errors, 'error') return redirect('login') secure_password = hashlib.sha1(form.email.data + form.password.data).hexdigest() secure_password_md5 = hashlib.md5(secure_password).hexdigest() user = Admin.query.filter(Admin.email == form.email.data).\ filter(Admin.password == secure_password_md5).first() if user is None: flash({u'user_not_exists': [u'user not exists']}, 'error') return redirect('login') login_user(user, remember=False) return redirect(request.args.get('next') or url_for('index'))
def user_delete(username): title = "Delete user" if not ldap_user_exists(username=username): abort(404) form = Form(request.form) if form.validate_on_submit(): try: user = ldap_get_user(username=username) ldap_delete_entry(user['distinguishedName']) flash("User successfuly deleted.", "success") return redirect(url_for('core_index')) except ldap.LDAPError as e: error = e.message['info'].split(":", 2)[-1].strip() error = str(error[0].upper() + error[1:]) flash(error, "error") elif form.errors: flash("Some fields failed validation.", "error") return render_template("pages/user_delete.html", title=title, action="Delete user", form=form, username=username, parent=url_for('user_overview', username=username))
def delete(puppy_id): puppy = Puppy.query.filter_by(id=puppy_id).one() # we can use a generic form, since there are no fields form = Form() if form.validate_on_submit(): db.session.delete(puppy) db.session.commit() flash(puppy.name + " was put to sleep.") return redirect(url_for("puppies.list_all")) return render_template("puppies/delete.jinja2", form=form, puppy=puppy)
def delete(shelter_id): shelter = Shelter.query.filter_by(id=shelter_id).one() form = Form() if form.validate_on_submit(): db.session.delete(shelter) db.session.commit() flash(shelter.name + " was deleted from the database.") return redirect(url_for("shelters.list_all")) return render_template("shelters/delete.jinja2", form=form, shelter=shelter)
def delete(adopter_id): adopter = Adopter.query.filter_by(id=adopter_id).one() # we can use a generic form, since there are no fields form = Form() if form.validate_on_submit(): db.session.delete(adopter) db.session.commit() flash(adopter.name + " was deleted from the database.") return redirect(url_for("adopters.list_all")) return render_template("adopters/delete.jinja2", form=form, adopter=adopter)
def authenticate(): try: form = Form() user = auth_provider.authenticate(form) if login_user(user, remember=form.remember.data): redirect_url = get_post_login_redirect() identity_changed.send(app, identity=Identity(user.id)) logger.debug(DEBUG_LOGIN % (user, redirect_url)) return redirect(redirect_url) raise BadCredentialsError(FLASH_INACTIVE) except BadCredentialsError, e: message = '%s' % e do_flash(message, 'error') redirect_url = request.referrer or login_manager.login_view logger.error(ERROR_LOGIN % (message, redirect_url)) return redirect(redirect_url)
def inject_common_values(): form = Form(csrf_enabled=True) ga_id = app.config['CDW']['google_analytics_id'] ga_id = None if ga_id == 'None' or ga_id == '' else ga_id intro_video_id = app.config['CDW']['intro_video_id'] return { 'facebook_app_id': app.config['SOCIAL_PROVIDERS']['facebook']['oauth']['consumer_key'], 'google_analytics_id': ga_id, 'media_root': app.config['MEDIA_ROOT'], 'csrf_token': form.csrf_token, 'intro_video_id': intro_video_id, 'local_request': app.config['LOCAL_REQUEST'] }
def group_delmember(groupname, member): title = "Remove group member" group = ldap_get_group(groupname) if not group or 'member' not in group: abort(404) member = ldap_get_entry_simple({'sAMAccountName': member}) if not member: abort(404) if not member['distinguishedName'] in group['member']: abort(404) form = Form(request.form) if form.validate_on_submit(): try: members = group['member'] members.remove(member['distinguishedName']) ldap_update_attribute(group['distinguishedName'], "member", members) flash("Member removed.", "success") return redirect(url_for('group_overview', groupname=groupname)) except ldap.LDAPError as e: error = e.message['info'].split(":", 2)[-1].strip() error = str(error[0].upper() + error[1:]) flash(error, "error") elif form.errors: flash("Some fields failed validation.", "error") return render_template("pages/group_delmember.html", title=title, action="Remove group member", form=form, member=member['sAMAccountName'], group=group['sAMAccountName'], parent=url_for('group_overview', groupname=groupname))
def user_add(): if request.method == 'POST': form = manage.AddUserForm() if form.validate_on_submit(): if add_new_user(form): if form.enable.data: try: ss.add_port(form.port.data, form.password.data) except: import traceback traceback.print_exc() logging.error('add service on port[%s] failed') return jsonify( info='error:Add service on port[%s] failed' % form.port.data) else: return jsonify(info='error:Add new user failed') else: return jsonify(info='error:Form validate failed') send_mail(form.email.data, form.port.data, form.password.data) return jsonify(info='success', service={ 'port': form.port.data, 'password': form.password.data }) elif request.method == 'GET': form = Form() return render_template("add.html", form=form, email=g.user.get_username(), host=app.config.get('HOST_URL'), port=get_valid_port(), password=utils.generate_password(), transfer=app.config.get('USER_INIT_TRANSFER') // BYTE_TO_GIGABYTE, environment=app.config.get('ENVIRONMENT'), active_user_new='active')
def sickness_rate_blocks(): try: errors = list() sickness_rate_blocks = None if request.method == 'POST': try: data_obj = Sickness_Rate_Blocks() except AttributeError, e: errors.append( u'<strong>Не настроено подключение к БД ЛПУ.</strong> ' u'Заполните <a href="{}">настройки</a> подключения.'.format(url_for('.settings'))) else: try: start = datetime.strptime(request.form['start'], '%d.%m.%Y') end = datetime.strptime(request.form['end'], '%d.%m.%Y') except ValueError: errors.append(u'Некорректно указаны даты') else: sickness_rate_blocks = data_obj.get_sickness_rate_blocks(start, end) return render_template('reports/sickness_rate_blocks/index.html', form=Form(), sickness_rate_blocks=sickness_rate_blocks, errors=errors)
def get_csrf_headers(): form = Form() return {'X-CSRF-Token': form.csrf_token._value()}
def userlist(page=1, pending=False, sponsored=False, rolloffs=False): # We need to make sure sponsors without admin/labstaff permissions don't go # browsing through all the users data domains = g.user.get_domains() if ((sponsored and 'sponsor' not in domains) or (not sponsored and (not g.user_is_labstaff) and (not g.user_is_admin)) or (rolloffs and (not g.user_is_labstaff) and (not g.user_is_admin))): flash("Unauthorized.") return redirect('index') if (pending or rolloffs) and request.method == "POST": form = Form(request.form) if not form.validate(): flash("There was an error with your submission.") redirect(request.url) users = [ user for user, value in request.form.iteritems() if value == 'approve' ] if rolloffs: users = [user for user, value in request.form.iteritems()] users = [User.username == user for user in users] if len(users) > 0: query = User.query.filter(or_(*users)) if sponsored: # Filter and make sure we only get this sponsors users, for security query = query.filter(User.sponsor == g.user.username) users = query.all() for user in users: if sponsored: user.status = 'pending_labstaff' elif rolloffs: user.status = 'pending_rolloff' else: user.status = 'pending_create' db.session.add(user) db.session.commit() # here we handle denying accounts: users = [ user for user, value in request.form.iteritems() if value == 'deny' ] users = [User.username == user for user in users] if len(users) > 0: query = User.query.filter(or_(*users)) if sponsored: query = query.filter(User.sponsor == g.user.username) users = query.all() for user in users: # send rejection emails, silent reject if comments are empty if sponsored: mail.sponsor_reject(user) elif g.user_is_admin: mail.admin_reject(user) # drop rejected users db.session.delete(user) db.session.commit() query = User.query sort = 'username' sort_col = User.username sort_dir = asc cols = { 'username': User.username, 'uid': User._uid, 'sponsor': User.sponsor, 'email': User.email, 'name': User.last_name, 'last_name': User.last_name, 'first_name': User.first_name, 'status': User.status, 'grad_date': User._grad_date } # Let's make the filter form class FilterForm(Form): pass for field, col in cols.iteritems(): setattr(FilterForm, field, TextField()) filter_form = FilterForm(request.args) if 'sort' in request.args: if request.args['sort'] in cols: sort = request.args['sort'] sort_col = cols[request.args['sort']] if 'dir' in request.args and request.args['dir'] == 'desc': sort_dir = desc if sponsored: query = query.filter(User.sponsor == g.user.username) if pending: query = query.filter(User.status == 'pending_sponsor') else: query = query.filter(User.status != 'pending_sponsor') elif rolloffs: now = date.today() query = query.filter(User._grad_date <= now) query = query.filter(User.status != 'pending_sponsor') query = query.filter(User.status != 'pending_labstaff') query = query.filter(User.status != 'pending_rolloff') else: if pending: query = query.filter(User.status == 'pending_labstaff') # else: # query = query.filter(User.status != 'pending_labstaff') # query = query.filter(User.status != 'pending_sponsor') for field, col in cols.iteritems(): if field in request.args: if request.args[field].strip() == "": continue query = query.filter(col.like(request.args[field].strip())) query = query.order_by(sort_dir(sort_col)) page = query.paginate(page) if pending: # Patch a Form. This allows us to keep our CSRF protection class F(Form): pass for user in page.items: setattr( F, user.username, RadioField(choices=[('approve', 'Approve'), ('postpone', 'Postpone'), ('deny', 'Deny')], validators=[validators.Required()])) # Flask-WTForms likes to pull data from request.form. Force it not to. form = F(ImmutableMultiDict()) # We do this after the fact so WTForms can do some of its binding for user in page.items: user.radio = getattr(form, user.username) user.radio.data = 'postpone' if sponsored: template = 'sponsorship_requests.html' else: template = 'list_pending_users.html' elif rolloffs: class rolloffCheckbox(Form): pass for user in page.items: setattr(rolloffCheckbox, user.username, BooleanField()) form = rolloffCheckbox(ImmutableMultiDict()) for user in page.items: user.checkbox = getattr(form, user.username) template = 'list_upcoming_rolloffs.html' else: form = Form() if sponsored: template = 'sponsored_users.html' else: template = 'userlist.html' return render_template(template, page=page, sort=sort, sort_dir='asc' if sort_dir == asc else 'desc', form=form, filter_form=filter_form)
def create(): return render_template('new.html', form=Form())