def login():
form = LoginForm()
if form.validate_on_submit():
cursor.execute(
"SELECT employee_id FROM employee WHERE employee_id = %s",
(form.username.data, ))
if cursor.fetchone():
cursor.execute(
"SELECT password FROM employee WHERE employee_id = %s",
(form.username.data, ))
if cursor.fetchone()[0] == form.password.data:
global username
global role
username = form.username.data
cursor.execute(
"SELECT role FROM employee WHERE employee_id = %s",
(form.username.data, ))
role = cursor.fetchone()[0]
flash('You have successfully been successfully logged in!')
return redirect(url_for('user.dashboard'))
flash('Invalid email or password.')
return render_template('auth/login.html',
form=form,
title='Login',
isadmin=isadmin,
username=username,
role=role)
def comment():
if (get_username() == ""):
flash ("Please Login!")
return redirect(url_for('auth.login'))
username = get_username()
form = commentFormLower()
cursor.execute("SELECT * FROM leave_application WHERE employee_id = %s ORDER BY leave_id DESC", (username,))
leave = cursor.fetchone()
cursor.execute("SELECT * FROM comments ORDER BY leave_id DESC")
comments = cursor.fetchall()
if leave:
if leave[6] == "Sent Back":
if form.validate_on_submit():
comment = form.comment.data
comment_by = username
comment_time = str(datetime.datetime.now())
cursor.execute("UPDATE leave_Application SET status = %s WHERE leave_id = (%s)", ("Waiting", leave[0]))
cursor.execute("SELECT role FROM comments WHERE leave_id = %s ORDER BY comment_id DESC", (leave[0],))
end_route = cursor.fetchone()[0]
cursor.execute("SELECT department_id FROM employee WHERE employee_id = %s", (username,))
department_id = cursor.fetchone()[0]
cursor.execute("INSERT INTO leave_requests(role, leave_id, department_id) VALUES(%s, %s, %s)", (end_route, leave[0], department_id))
cursor.execute("INSERT INTO comments(leave_id, comment, comment_time, comment_by, role, department_id) VALUES(%s, %s, %s, %s, %s, %s)", (leave[0], comment, comment_time, comment_by, get_role(), department_id))
conn.commit()
flash ('Application Re-sent!')
return redirect(url_for('user.dashboard', username = username))
return render_template('user/leaves/comment.html', form = form, leave = leave, comments = comments, title = "Comment", username = username, isadmin = get_isadmin(), role = get_role())
flash ('No action required!')
return redirect(url_for('user.dashboard', username = username))
flash ('No action required!')
return redirect(url_for('user.dashboard', username = username))
def new_application():
if (get_username() == ""):
flash ("Please Login!")
return redirect(url_for('auth.login'))
username = get_username()
# Check if user is trying to gnerate more than one requests
cursor.execute("SELECT status FROM leave_application WHERE employee_id = %s ORDER BY leave_id DESC", (username,))
status = cursor.fetchone()
if status :
if status[0] != 'Granted' and status[0] != 'Rejected':
flash("Can't apply For leave as last leave is pending!")
return redirect(url_for('user.dashboard', username = username, isadmin = get_isadmin()))
form = LeaveApplicationForm()
if form.validate_on_submit():
start_date = form.start_date.data
end_date = form.end_date.data
application = form.application.data
leave_type = form.leave_type.data
now = datetime.datetime.now()
curr_year = int(now.year)
cursor.execute("SELECT total_leaves_left FROM leaves_left WHERE employee_id = %s AND year = %s", (username, curr_year))
total_leaves_left = cursor.fetchone()[0]
leaves_demanded = int((end_date - start_date).days) + 1
if(total_leaves_left - leaves_demanded < -10 and leave_type == "Borrowing"):
flash ("Invalid Application! You can atmax borrow 10 leaves from upcoming year!")
return redirect(url_for('home.error'))
if(total_leaves_left - leaves_demanded < 0 and leave_type == "Regular"):
flash ("Invalid Application! You can't apply for this much leaves! You can try borrowing leaves!")
return redirect(url_for('home.error'))
# Check type of Leave
if(total_leaves_left - leaves_demanded < 0):
leave_type = 'Borrowing'
else:
leave_type = 'Regular'
status = 'Waiting'
cursor.execute("SELECT end_route FROM route WHERE role = %s AND start_route = %s", (get_role(), get_role()))
to = cursor.fetchone()
if to is None:
flash("Route is not defined for you! Please contact admin!")
return redirect(url_for('home.error'))
cursor.execute("SELECT department_id FROM employee WHERE employee_id = %s", (username,))
department_id = cursor.fetchone()[0]
cursor.execute("INSERT INTO leave_application(employee_id, applied_date, leave_type, start_date, end_date, status, application, department_id) VALUES(%s, %s, %s, %s, %s, %s, %s, %s)", (username, 'now()', leave_type, start_date, end_date, status, application, department_id))
cursor.execute("SELECT leave_id FROM leave_application WHERE employee_id = %s ORDER BY leave_id DESC", (username,))
leave_id = cursor.fetchone()[0]
cursor.execute("INSERT INTO leave_requests(role, leave_id, department_id) VALUES(%s, %s, %s)", (to[0], leave_id, department_id))
conn.commit()
flash ("Application Sent!")
return redirect(url_for('user.dashboard', username = username))
return render_template('user/leaves/new_application.html', form=form, title="New Application" , username = username, isadmin = get_isadmin(), role = get_role())
def validate_position(self, field):
cursor.execute("SELECT position FROM pos WHERE position = %s",
(field.data, ))
if cursor.fetchone() == None:
raise ValidationError('Position does not exist!')
cursor.execute("SELECT position FROM ccf WHERE position = %s",
(field.data, ))
if cursor.fetchone():
raise ValidationError('Position already appointed!')
def validate_hod_id(self, field):
cursor.execute(
"SELECT employee_id FROM employee WHERE employee_id = %s",
(field.data, ))
if cursor.fetchone() == None:
raise ValidationError('Employee does not exists!')
cursor.execute("SELECT role FROM employee WHERE employee_id = %s",
(field.data, ))
if cursor.fetchone()[0] != 'FACULTY':
raise ValidationError('Employee already holds another position!')
def validate_department_id(self, field):
cursor.execute(
"SELECT department_id FROM department WHERE department_id = %s",
(field.data, ))
if cursor.fetchone() == None:
raise ValidationError('Department does not exist!')
cursor.execute(
"SELECT department_id FROM hod WHERE department_id = %s",
(field.data, ))
if cursor.fetchone():
raise ValidationError('HOD already appointed!')
def add_hod():
if get_isadmin() == False:
return redirect(url_for('home.error403'))
add_hod = True
form = AddHODForm()
if form.validate_on_submit():
cursor.execute(
"SELECT department_id FROM employee WHERE employee_id = %s",
(form.hod_id.data, ))
if cursor.fetchone()[0] == form.department_id.data:
cursor.execute(
"INSERT INTO hod(department_id, hod_id, appointed_date) VALUES(%s, %s, %s)",
(form.department_id.data, form.hod_id.data, date.today()))
cursor.execute(
"UPDATE employee SET role = %s WHERE employee_id = %s", (
'HOD',
form.hod_id.data,
))
conn.commit()
flash('You have successfully added a new HOD!')
else:
flash('Invalid Entry!')
return redirect(url_for('admin.list_hod'))
return render_template('admin/roles/hods.html',
action="Add",
add_hod=add_hod,
form=form,
title="Add HOD",
username=get_username(),
isadmin=get_isadmin())
def edit_ccf(position):
if get_isadmin() == False:
return redirect(url_for('home.error403'))
add_ccf = False
form = EditCCFForm()
cursor.execute("SELECT * FROM ccf WHERE position = %s", (position, ))
data = cursor.fetchone()
if form.validate_on_submit():
cursor.execute(
"INSERT INTO ccf_history(employee_id, position, time, start_date, end_date) VALUES(%s, %s, %s, %s, %s)",
(data[0], data[1],
(datetime.now()).strftime("%H:%M:%S"), data[2], date.today()))
cursor.execute("UPDATE employee SET role = %s WHERE employee_id = %s",
('FACULTY', data[0]))
cursor.execute("UPDATE employee SET role = %s WHERE employee_id = %s",
(position, form.employee_id.data))
cursor.execute(
"UPDATE ccf SET employee_id = %s, appointed_date = %s WHERE position = %s",
(form.employee_id.data, date.today(), position))
conn.commit()
flash('You have successfully updated the position!')
return redirect(url_for('admin.list_ccf'))
return render_template('admin/roles/ccfs.html',
action="Edit",
add_ccf=add_ccf,
form=form,
title="Edit CCF",
username=get_username(),
isadmin=get_isadmin())
def register():
if isadmin == False:
flash('Unauthorized Access!')
return redirect(url_for('user.dashboard'))
form = RegistrationForm()
if form.validate_on_submit():
cursor.execute(
"SELECT department_name FROM department WHERE department_id = %s",
(form.department_id.data, )) # Add to postgres database
department_name = cursor.fetchone()[0]
cursor.execute(
"INSERT INTO employee(employee_id, password, first_name, last_name, email_id, department_id, date_of_joining, isadmin) VALUES(%s, %s, %s, %s, %s, %s, %s, %s)",
(form.username.data, form.password.data, form.first_name.data,
form.last_name.data, form.email.data, form.department_id.data,
'now()', form.isadmin.data))
cursor.execute(
"INSERT INTO leaves_left(employee_id, total_leaves_left, year) VALUES(%s, %s, %s)",
(form.username.data, 30, 2019))
cursor.execute(
"INSERT INTO leaves_left(employee_id, total_leaves_left, year) VALUES(%s, %s, %s)",
(form.username.data, 30, 2020))
cursor.execute(
"INSERT INTO leaves_left(employee_id, total_leaves_left, year) VALUES(%s, %s, %s)",
(form.username.data, 30, 2021))
cursor.execute(
"INSERT INTO leaves_left(employee_id, total_leaves_left, year) VALUES(%s, %s, %s)",
(form.username.data, 30, 2022))
cursor.execute(
"INSERT INTO leaves_left(employee_id, total_leaves_left, year) VALUES(%s, %s, %s)",
(form.username.data, 30, 2023))
emp = { # Add to monodb database
"_id": form.username.data,
"first_name": form.first_name.data,
"last_name": form.last_name.data,
"email_id": form.email.data,
"department_id": department_name,
"no_awards": 0,
"no_publications": 0,
"no_researchs": 0,
"no_projects": 0,
"biography": "",
"education": [],
"experience": [],
"research_interests": [],
"projects": [],
"awards": [],
"publications": []
}
conn.commit()
db.employee.insert_one(emp)
flash('Employee Registered Successfully!')
return redirect(url_for('admin.dashboard'))
return render_template('auth/register.html',
form=form,
title='Register',
isadmin=isadmin,
username=username,
role=role)
def action(leave_id):
if (get_username() == ""):
flash ("Please Login!")
return redirect(url_for('auth.login'))
username = get_username()
form = commentFormHigher()
cursor.execute("SELECT leave_id FROM leave_requests WHERE role = %s AND leave_id = %s", (get_role(), leave_id))
id = cursor.fetchone()
if id is None:
flash ("Error : Unauthorized Access!")
return redirect(url_for('home.error'))
if form.validate_on_submit():
cursor.execute("SELECT * FROM leave_application WHERE leave_id = %s ORDER BY leave_id", (leave_id,))
leave = cursor.fetchone()
cursor.execute("SELECT department_id FROM employee WHERE employee_id = %s", (username,))
department_id = cursor.fetchone()
comment = form.comment.data
comment_by = username
now = datetime.datetime.now()
curr_year = int(now.year)
comment_time = str(datetime.datetime.now())
cursor.execute("INSERT INTO comments(leave_id, comment, comment_time, comment_by, role, department_id) VALUES(%s, %s, %s, %s, %s, %s)", (leave_id, comment, comment_time, comment_by, get_role(), department_id))
if form.action.data == "send_back" :
status = "Sent Back"
elif form.action.data == "reject" :
status = "Rejected"
else :
cursor.execute("Select role FROM employee WHERE employee_id = %s", (leave[2],))
role = cursor.fetchone()[0]
start_route = get_role()
cursor.execute("Select end_route FROM route WHERE role = %s AND start_route = %s", (role, start_route))
end_route = cursor.fetchone()
if end_route is None:
status = "Granted"
cursor.execute("Select total_leaves_left FROM leaves_left WHERE employee_id = %s AND year = %s", (leave[2], curr_year))
leaves_left = cursor.fetchone()[0] - int((leave[5]-leave[4]).days) - 1
if leaves_left < 0:
cursor.execute("Select total_leaves_left FROM leaves_left WHERE employee_id = %s AND year = %s", (leave[2], (curr_year+1)))
next_leaves_left = cursor.fetchone()[0] - abs(leaves_left)
cursor.execute("Update leaves_left SET total_leaves_left = %s WHERE employee_id = %s AND year = %s", (next_leaves_left, leave[2], (curr_year+1)))
leaves_left = 0
cursor.execute("Update leaves_left SET total_leaves_left = %s WHERE employee_id = %s AND year = %s", (leaves_left, leave[2], curr_year))
else :
status = "Forwarded"
cursor.execute("DELETE FROM leave_requests WHERE role = %s AND leave_id = %s", (get_role(), leave_id))
cursor.execute("SELECT department_id FROM employee WHERE employee_id = %s", (username,))
department_id = cursor.fetchone()[0]
cursor.execute("INSERT INTO leave_requests(role, leave_id, department_id) VALUES(%s, %s, %s)", (end_route, leave_id, department_id))
if status != "Forwarded":
cursor.execute("DELETE FROM leave_requests WHERE role = %s AND leave_id = %s", (get_role(), leave_id))
cursor.execute("UPDATE leave_Application SET status = %s WHERE leave_id = (%s)", (status, leave[0]))
conn.commit()
return redirect(url_for('user.leave_requests', username = username))
return render_template('user/leaves/action.html', leave_id = leave_id, form = form, title="Action", username = username, isadmin = get_isadmin(), role = get_role())
def edit_hod(department_id):
if get_isadmin() == False:
return redirect(url_for('home.error403'))
add_hod = False
form = EditHODForm()
cursor.execute("SELECT * FROM hod WHERE department_id = %s",
(department_id, ))
data = cursor.fetchone()
if form.validate_on_submit():
cursor.execute(
"SELECT department_id FROM employee WHERE employee_id = %s",
(form.hod_id.data, ))
if cursor.fetchone()[0] == department_id:
cursor.execute(
"INSERT INTO hod_history(hod_id, department_id, time, start_date, end_date) VALUES(%s, %s, %s, %s, %s)",
(data[0], data[1],
(datetime.now()).strftime("%H:%M:%S"), data[2], date.today()))
cursor.execute(
"UPDATE employee SET role = %s WHERE employee_id = %s",
('FACULTY', data[0]))
cursor.execute(
"UPDATE employee SET role = %s WHERE employee_id = %s",
('HOD', form.hod_id.data))
cursor.execute(
"UPDATE hod SET hod_id = %s, appointed_date = %s WHERE department_id = %s",
(form.hod_id.data, date.today(), department_id))
conn.commit()
flash('You have successfully changed the HOD!')
else:
flash('Invalid Entry!')
return redirect(url_for('admin.list_hod'))
return render_template('admin/roles/ccfs.html',
action="Edit",
add_hod=add_hod,
form=form,
title="Edit HOD",
username=get_username(),
isadmin=get_isadmin())
def delete_department(department_id):
if get_isadmin() == False:
return redirect(url_for('home.error403'))
cursor.execute("SELECT * from employee WHERE department_id = %s",
(department_id, ))
employees = cursor.fetchone()
if employees:
flash(
"To remove the department, first remove all faculties enrolled in that department."
)
return redirect(url_for('home.error'))
cursor.execute("DELETE FROM department WHERE department_id = %s",
(department_id, ))
conn.commit()
flash('You have successfully deleted the department!')
return redirect(url_for('admin.list_departments'))
return render_template(title="Delete Department")
def delete_ccf(position):
if get_isadmin() == False:
return redirect(url_for('home.error403'))
cursor.execute("SELECT * FROM ccf WHERE position = %s", (position, ))
data = cursor.fetchone()
cursor.execute(
"INSERT INTO ccf_history(employee_id, position, time, start_date, end_date) VALUES(%s, %s, %s, %s, %s)",
(data[0], data[1],
(datetime.now()).strftime("%H:%M:%S"), data[2], date.today()))
cursor.execute("DELETE FROM ccf WHERE position = %s", (position, ))
cursor.execute(
"UPDATE employee SET role = 'FACULTY' WHERE employee_id = %s",
(data[0], ))
conn.commit()
flash('You have successfully deleted the ccf!')
return redirect(url_for('admin.list_ccf'))
return render_template(title="Delete CCF")
def leave_requests():
if (get_username() == ""):
flash ("Please Login!")
return redirect(url_for('auth.login'))
username = get_username()
cursor.execute("SELECT leave_application.leave_id, leave_type, leave_application.employee_id, applied_date, start_date, end_date, status, application, leave_application.department_id FROM leave_application, leave_requests WHERE leave_requests.role = %s and leave_application.leave_id = leave_requests.leave_id", (get_role(),))
temp_requests = cursor.fetchall()
requests = []
if get_role() == 'HOD':
cursor.execute("SELECT department_id FROM employee WHERE employee_id = %s", (username,))
department_id = cursor.fetchone()[0]
for request in temp_requests:
if department_id == request[8]:
requests.append(request)
else :
requests = temp_requests
cursor.execute("SELECT * FROM comments ORDER BY leave_id DESC")
comments = cursor.fetchall()
return render_template('user/leaves/leave_requests.html', requests = requests, comments = comments, title="Leave Requests", username = username, isadmin = get_isadmin(), role = get_role())
def delete_hod(department_id):
if get_isadmin() == False:
return redirect(url_for('home.error403'))
cursor.execute("SELECT * FROM hod WHERE department_id = %s",
(department_id, ))
data = cursor.fetchone()
cursor.execute(
"INSERT INTO hod_history(hod_id, department_id, time, start_date, end_date) VALUES(%s, %s, %s, %s, %s)",
(data[0], data[1],
(datetime.now()).strftime("%H:%M:%S"), data[2], date.today()))
cursor.execute("DELETE FROM hod WHERE department_id = %s",
(department_id, ))
cursor.execute(
"UPDATE employee SET role = 'FACULTY' WHERE employee_id = %s",
(data[0], ))
conn.commit()
flash('You have successfully deleted the HOD!')
return redirect(url_for('admin.list_hod'))
return render_template(title="Delete HOD")
def validate_username(self, field):
cursor.execute(
"SELECT employee_id FROM employee WHERE employee_id = %s",
(field.data, ))
if cursor.fetchone():
raise ValidationError('Username is already in use!')
def validate_employee_id(self, field):
cursor.execute(
"SELECT employee_id FROM employee WHERE employee_id = %s",
(field.data, ))
if cursor.fetchone() == None:
raise ValidationError('Employee does not exists!')
def validate_department_id(self, field):
cursor.execute(
"SELECT department_id FROM department WHERE department_id = %s",
(field.data, ))
if (cursor.fetchone() is None):
raise ValidationError('Department does not exist!')
def validate_position_id(self, field):
cursor.execute("SELECT position FROM pos WHERE position = %s",
(field.data, ))
if cursor.fetchone():
raise ValidationError('Position already exist!')
