Esempio n. 1
0
def login():
    # Check if user already logged in
    if ('username' in session):
        return redirect('/')
    # Check if post method selected therfore need to login the user
    if request.method == "POST":
        # Connect to database and check if user exists
        con = sqlite3.connect(current_app.config['DB_NAME'])
        sqlQuryLogin = "******"
        sqlRes = con.execute(sqlQuryLogin, (request.form["username"], ))
        record = sqlRes.fetchone()

        # Check if user exists
        if (record != None):

            # Create user object for current selected username
            usrLogin = User(record[0],
                            record[1],
                            record[2],
                            decryptPassword(record[3]),
                            record[4],
                            record[5],
                            record[6],
                            record[8],
                            email=record[9])

            # Check if password is correct and user is not banned
            if (usrLogin.validatePassword(request.form["password"])):
                # Check if user banned
                if (not usrLogin.getIsBanned()):
                    # Check if the user is admin or not
                    if (record[7] == 1):
                        session['admin'] = True

                    # Save user name in session
                    session['username'] = usrLogin.getUsername()
                    massage = "Logged in successfuly!"

                    return redirect('/')
                # The user banned
                else:
                    massage = "Your user is banned!"
            # The password is incorrect
            else:
                massage = "Wrong password entered!"
        else:
            massage = "Wrong username entered!"

        # Close the connection to DB
        con.close()

        return render_template('login.html', massage=massage)
    # Get method mean open the page
    else:
        return render_template('login.html',
                               massage="Please fill the login form!")
Esempio n. 2
0
def getUserInfo(name):
    # Connect to database and check if user exists
    con = sqlite3.connect(current_app.config['DB_NAME'])

    # Prepare the query
    sqlQury = "SELECT * FROM Users WHERE username = (?)"

    # Run the query to get user data
    sqlRes = con.execute(sqlQury,(name,))

    # Fetch the result
    record = sqlRes.fetchone()

    # Create user object for current selected username
    infoUser = None

    # Check if user exists
    if (record != None):
        # Create user object for current selected username
        infoUser = User(record[0], record[1], record[2], None, record[4], record[5], record[6], record[8], email=record[9])

    # Close the connection to the database
    con.close()

    return (infoUser)
Esempio n. 3
0
def getUsersInfo():
    # List of users
    lstUsers = []

    # Connect to database
    con = sqlite3.connect(current_app.config['DB_NAME'])

    # Prepare the query
    sqlQury = "SELECT * FROM Users"

    # Run the query to get user data
    sqlRes = con.execute(sqlQury)

    # Run over the lines of the result and append to list
    for line in sqlRes:
        if line[7] == 0:
            lstUsers.append(
                User(line[0], line[1], line[2], None, line[4], line[5],
                     line[6], line[8], line[9]))
        else:
            lstUsers.append(
                Admin(line[0], line[1], line[2], None, line[4], line[5],
                      line[6], line[8], line[9]))

    # Close the connection to the database
    con.close()

    return (lstUsers)
Esempio n. 4
0
def edit_bio(name):
    # Check if user already logged in
    if ('username' not in session):
        return redirect('/')

    # Check if editing not current user
    if (session.get('username') != name):
        return redirect('/')

    # Get institutions
    institutions = getInstitutions()

    # Load current user data
    usr = getUserInfo(name)

    # Check if post method selected therfore need to login the user
    if (request.method == "POST"):
        
        # Update user bio
        usrUpdate = User(name,
                        request.form["fName"],
                        request.form["lName"],
                        None,
                        request.form["institution"],
                        request.form["faculty"],
                        request.form["year"],
                        email = request.form["email"])

        # Validate the user before update
        msgValidateEdit = usrUpdate.validateEditBio()

        if (msgValidateEdit == ""):
            # Update user info
            updateUserBio(usrUpdate)

            return render_template("user.html", data = name, user = usrUpdate)
        else:
            return render_template("edit_bio.html", data = name, user = usr, institutions = institutions, massage = msgValidateEdit)

    # Method get
    else:
        return render_template("edit_bio.html", data = name, user = usr, institutions = institutions)
Esempio n. 5
0
 def test_empty_lastname_invalid(self):
     lastname = ""
     usr = User("testing", "aviel", lastname, "Aa123456!", 1, 1, 1)
     assert usr.validateUser() != ""
Esempio n. 6
0
 def test_empty_faculty_invalid(self):
     facultyID = ""
     usr = User("testing", "aviel", "rois", "Aa123456!", 1, facultyID, 1)
     assert usr.validateUser() != ""
Esempio n. 7
0
 def test_show_approved_files(self):
     username = "******"
     password = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1, 1)
     assert (usr.getIsBanned() == 1)
Esempio n. 8
0
 def test_nonempty_faculty_valid(self):
     facultyID = 1
     usr = User("testing", "aviel", "rois", "Aa123456!", 1, facultyID, 1)
     assert usr.validateUser() == ""
Esempio n. 9
0
 def test_edit_lastname_invalid(self):
     username = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1)
     usr.setLName("")
     assert usr.validateUser() != ""
Esempio n. 10
0
 def test_edit_firstname_valid(self):
     username = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1)
     usr.setFName("test1")
     assert usr.validateUser() == ""
Esempio n. 11
0
    def test_ban_user(self):
        username = "******"
        usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1, 1)

        assert usr.getIsBanned() == 1
Esempio n. 12
0
 def test_password_login_valid(self):
     username = "******"
     password = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1)
     assert usr.validatePassword(password)
Esempio n. 13
0
 def test_nonempty_lastname_valid(self):
     lastname = "rois"
     usr = User("testing", "aviel", lastname, "Aa123456!", 1, 1, 1)
     assert usr.validateUser() == ""
Esempio n. 14
0
 def test_show_list_files(self):
     username = "******"
     password = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1)
     assert usr.validatePassword(password)
Esempio n. 15
0
 def test_empty_firstname_invalid(self):
     firstname = ""
     usr = User("testing", firstname, "aaa", "Aa123456!", 1, 1, 1)
     assert usr.validateUser() != ""
Esempio n. 16
0
 def test_nonempty_firstname_valid(self):
     firstname = "aviel"
     usr = User("testing", firstname, "aaa", "Aa123456!", 1, 1, 1)
     assert usr.validateUser() == ""
Esempio n. 17
0
 def test_username_special_chars_invalid(self):
     username = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1)
     assert usr.validateUser() != ""
Esempio n. 18
0
 def test_username_numbers_and_letters_valid(self):
     username = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1)
     assert usr.validateUser() == ""
Esempio n. 19
0
 def test_username_numbers_only_valid(self):
     username = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1)
     assert usr.validateUser() == ""
Esempio n. 20
0
def register():
    # Load all institutions
    institutions = []

    con = sqlite3.connect(current_app.config['DB_NAME'])

    # Preprare query
    sqlQueryInstitutions = "SELECT * FROM Institutions"

    # Run the query and save result
    sqlRes = con.execute(sqlQueryInstitutions)

    # Run over the lines of the result and append to list
    for line in sqlRes:
        institutions.append([line[0], line[1]])

    # Close the connection to the database
    con.close()

    # Check if user already logged in
    if ('username' in session):
        return redirect('/')
    # If method post selected then register the user
    if (request.method == "POST"):
        # connect to db and check if username taken
        con = sqlite3.connect(current_app.config['DB_NAME'])
        sqlQueryCheckExist = "SELECT * FROM Users WHERE UserName = (?)"
        sqlRes = con.execute(sqlQueryCheckExist, (request.form["username"], ))
        record = sqlRes.fetchone()

        # Create user object
        newUser = User(request.form["username"],
                       request.form["fName"],
                       request.form["lName"],
                       request.form["password"],
                       request.form["institution"],
                       request.form["faculty"],
                       request.form["year"],
                       email=request.form["email"])

        # Check if the user is not already registered!
        if (record == None):
            # Validate the user
            valMessage = newUser.validateUser()

            valMessage = valMessage.replace('\n', '<br>')
            valMessage = Markup(valMessage)

            # Check if user is valid
            if (valMessage != ""):
                return render_template('register.html',
                                       massage=valMessage,
                                       institutions=institutions)

            # Insert the user into the table of users
            sqlQueryRegister = "INSERT INTO Users VALUES (?,?, ?, ?, ?, ?, ?, 0, 0, ?)"
            con.execute(
                sqlQueryRegister,
                (newUser.getUsername(), newUser.getFName(), newUser.getLName(),
                 encryptPassword(newUser.getPassword()),
                 newUser.getInstitutionID(), newUser.getFacultyID(),
                 newUser.getStudyYear(), newUser.getEmail()))

            # Commit the changes in users table
            con.commit()

            # Create message
            massage = "User registered successfully!"

            # Add the user into the session variable
            session['username'] = newUser.getUsername()
        else:
            massage = "Username already taken please choose another!"
            return render_template('register.html',
                                   massage=massage,
                                   institutions=institutions)

        # Close the database connection
        con.close()

        return redirect('/')
    # Load and prepare the page
    else:
        return render_template('register.html',
                               massage="Please register",
                               institutions=institutions)
Esempio n. 21
0
 def test_username_letters_only_valid(self):
     username = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1)
     assert usr.validateUser() == ""
Esempio n. 22
0
 def test_banned_user(self):
     username = "******"
     password = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1, 1)
     assert (usr.getIsBanned() == 1)
Esempio n. 23
0
 def test_password_lower_and_upper_letters_only_invalid(self):
     password = "******"
     usr = User("Aviel", "aaa", "aaa", password, 1, 1, 1)
     assert usr.validateUser() != ""
Esempio n. 24
0
 def test_password_lower_upper_digits_special_short_invalid(self):
     password = "******"
     usr = User("Aviel", "aaa", "aaa", password, 1, 1, 1)
     assert usr.validateUser() != ""
Esempio n. 25
0
 def test_password_lower_upper_digits_special_long_valid(self):
     password = "******"
     usr = User("Aviel", "aaa", "aaa", password, 1, 1, 1)
     assert usr.validateUser() == ""
Esempio n. 26
0
 def test_edit_email_empty_valid(self):
     username = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1)
     usr.setEmail("")
     assert usr.validateUser() == ""
Esempio n. 27
0
 def test_empty_institution_invalid(self):
     institutionID = ""
     usr = User("testing", "aviel", "rois", "Aa123456!", institutionID, 1,
                1)
     assert usr.validateUser() != ""
Esempio n. 28
0
 def test_edit_password_invalid(self):
     username = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1)
     usr.setPassword("aaaaa")
     assert usr.validateUser() != ""
Esempio n. 29
0
 def test_show_pending_file(self):
     username = "******"
     password = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1)
     assert not usr.validatePassword(password)