コード例 #1
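def api_store_suggestions():
    """Return one page of store suggestions as JSON.

    Requires the 'editor' capability. Rows are ObjectDump records of type
    'suggestion', optionally narrowed by region and settled state, then
    sorted and paginated from the submitted search form.

    Returns a JSON response with 'status' 0, the page in 'data' and the
    unpaginated total in 'count', or 'status' -1 when the form (or the
    requested ordering) is rejected.
    """
    if not current_user.has_capability('editor'):
        abort(403)

    form = StoreSuggestionSearchForm()
    if not form.validate_on_submit():
        return json_response({'status': -1, 'errors': form.errors})

    # Both names below are used for attribute lookup on the model, so they
    # are resolved defensively: only 'asc'/'desc' may be called, and an
    # unknown sort field is rejected instead of raising.
    # NOTE(review): the form should also restrict sort_field to an explicit
    # list of sortable columns - confirm in StoreSuggestionSearchForm.
    sort_order = form.sort_order.data
    sort_column = getattr(ObjectDump, form.sort_field.data or '', None)
    ordering = getattr(sort_column, sort_order, None) if sort_order in ('asc', 'desc') else None
    if not callable(ordering):
        return json_response({'status': -1, 'errors': {'sort': ['invalid sort']}})

    stores = ObjectDump.query.filter_by(type='suggestion')

    # Non-admins are always confined to their own regions. Previously the
    # restriction was skipped as soon as any region was submitted, and it
    # filtered on Store.region_id although the query selects ObjectDump.
    if not current_user.has_capability('admin'):
        stores = stores.filter(ObjectDump.region_id.in_(current_user.region_ids))
    if form.region.data and form.region.data not in ['None', '_all']:
        stores = stores.filter_by(region_id=form.region.data)

    if form.settled.data and form.settled.data not in ['None', '_all']:
        stores = stores.filter_by(settled=form.settled.data == 'yes')

    count = stores.count()
    per_page = current_app.config['ITEMS_PER_PAGE']
    # Clamp to page 1 so a zero or negative page cannot yield a negative offset.
    page = max(form.page.data or 1, 1)
    stores = stores.order_by(ordering())\
        .limit(per_page)\
        .offset((page - 1) * per_page)\
        .all()

    data = []
    for store in stores:
        # Copy before adding keys so the stored payload is not mutated.
        item = dict(store.data)
        item['id'] = store.id
        item['created'] = store.created
        data.append(item)
    return json_response({'data': data, 'status': 0, 'count': count})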
コード例 #2
def store_edit(store_id):
    """Show and process the edit form for a single store.

    Requires the 'editor' capability; users without 'admin' may only edit
    stores whose region is among their own regions. On a valid submit the
    store is saved, opening times and uploads are handled, and indexing and
    revision jobs are queued before redirecting to the store list.
    """
    if not current_user.has_capability('editor'):
        abort(403)
    store = Store.query.get_or_404(store_id)
    # Object-level check: the capability alone does not grant access to
    # stores in other regions.
    if not current_user.has_capability('admin') and store.region not in current_user.region:
        abort(403)

    form = StoreForm(obj=store)
    if not form.validate_on_submit():
        return render_template('store-edit.html',
                               form=form,
                               store=store,
                               opening_times=get_opening_times_for_form(store.id))

    # The opening-times fields are detached from the form so populate_obj
    # does not write them onto the store; they are saved separately below.
    opening_times_data = {}
    for kind in ['all', 'delivery', 'pickup']:
        field_name = 'opening_times_%s' % kind
        opening_times_data[kind] = getattr(form, field_name)
        delattr(form, field_name)

    form.populate_obj(store)
    # The attribute name is derived from the acting user's role.
    revisited_attr = 'revisited_%s' % current_user.role
    setattr(store, revisited_attr, datetime.utcnow())
    db.session.add(store)
    db.session.commit()

    save_opening_times_form(form, opening_times_data, store)
    es_index_store_delay.delay(store.id)
    create_store_revision_delay.delay(store.id)
    upload_files(form, store, 'store')
    flash('Geschäft erfolgreich gespeichert', 'success')
    return redirect('/admin/stores')
コード例 #3
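def user_edit(store_id):
    """Show and process the edit form for a user account (admin only).

    Args:
        store_id: Primary key of the user to edit. The parameter keeps its
            historical name because the route binds it by keyword.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    user = User.query.get_or_404(store_id)
    # Only admins get past the check above, so the admin form is always the
    # one in use; the former UserForm fallback could never be reached.
    form = UserAdminForm(obj=user)
    if form.validate_on_submit():
        # populate_obj copies every form field onto the user, so the form
        # definition decides which attributes an admin can change.
        form.populate_obj(user)
        db.session.add(user)
        db.session.commit()
        flash('Nutzer erfolgreich gespeichert', 'success')
        return redirect('/admin/users')
    return render_template('user-edit.html', form=form, user=user)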
コード例 #4
def admin_document_file_new(document_id):
    """Attach a newly uploaded file to a document (admin only).

    On a valid submit a File record is created and linked to the document,
    the upload is written to the temporary upload directory under the new
    record's id, and processing is queued. Otherwise the upload form is
    rendered.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    document = Document.get_or_404(document_id)
    form = DocumentNewFileForm()

    if not form.validate_on_submit():
        return render_template('document-file-new.html',
                               document=document,
                               form=form,
                               is_edit_mode=False,
                               post=request.url)

    upload = form.image_file.data
    file = File()
    if form.name.data:
        file.name = form.name.data
    # Filename and content type are supplied by the client and stored as
    # metadata only; neither should be trusted when the file is served.
    file.fileName = upload.filename
    file.mimeType = upload.content_type
    file.document = document
    file.save()
    document.files.append(file)
    document.save()

    # The on-disk name is the record id, never the client filename, so the
    # upload cannot influence where it is written.
    file_key = str(file.id)
    path = os.path.join(current_app.config['TEMP_UPLOAD_DIR'], file_key)
    upload.seek(0)
    upload.save(path)
    process_file.delay(file_key)
    return redirect(
        url_for('archive_management.admin_document_file_show',
                document_id=document_id,
                file_id=file_key))
コード例 #5
def store_delete(store_id):
    """Confirm and perform the soft deletion of a store (admin only).

    The store is flagged as deleted rather than removed from the database.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    store = Store.query.get_or_404(store_id)
    # NOTE(review): with 'admin' required above, this region check can never
    # fire. It only matters if the first check is ever relaxed to 'editor'.
    outside_own_regions = (not current_user.has_capability('admin')
                           and store.region not in current_user.region)
    if outside_own_regions:
        abort(403)

    form = StoreDeleteForm()
    if not form.validate_on_submit():
        return render_template('store-delete.html', store=store, form=form)
    if form.abort.data:
        return redirect('/admin/stores')

    store.deleted = True
    db.session.add(store)
    db.session.commit()
    flash('Geschäft erfolgreich gelöscht', 'success')
    return redirect('/admin/stores')
コード例 #6
ファイル: AdminApi.py プロジェクト: rowbean/mein-stadtarchiv
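def api_admin_comments():
    """Return one page of comments within a date range as JSON (admin only).

    The date range arrives as 'DD.MM.YYYY - DD.MM.YYYY'; the end date is
    inclusive. Responds with 'status' -1 when the form is invalid or the
    range cannot be parsed.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    form = CommentSearchForm()
    if not form.validate_on_submit():
        return json_response({'status': -1})

    # A malformed or missing range is a client error, not a server error:
    # reject it instead of letting the unpacking or strptime raise.
    try:
        begin, end = form.daterange.data.split(' - ')
        created_from = datetime.strptime(begin, '%d.%m.%Y')
        created_to = datetime.strptime(end, '%d.%m.%Y') + timedelta(days=1)
    except (AttributeError, ValueError):
        return json_response({'status': -1})

    object_kwargs = {
        'created__gte': created_from,
        'created__lte': created_to,
    }
    # TODO: bad data in form status: why? browser side issue
    #object_kwargs['status__in'] = [int(x) for x in form.status.data]

    comments = Comment.objects(**object_kwargs)
    count = comments.count()
    # NOTE(review): sort_field goes into order_by as submitted; the form
    # should limit it to known Comment fields - confirm in CommentSearchForm.
    direction = '+' if form.sort_order.data == 'asc' else '-'
    per_page = current_app.config['ITEMS_PER_PAGE']
    comments = comments.order_by('%s%s' % (direction, form.sort_field.data)) \
        .limit(per_page) \
        .skip((form.page.data - 1) * per_page) \
        .all()

    data = []
    for comment in comments:
        comment_dict = comment.to_dict()
        comment_dict['document'] = comment.document.to_dict()
        data.append(comment_dict)

    return json_response({'data': data, 'status': 0, 'count': count})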
コード例 #7
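def api_stores():
    """Return one page of non-deleted stores as JSON.

    Requires the 'editor' capability. Supports filtering by name fragment,
    region and whether a revisit is still required, plus sorting and
    pagination from the submitted search form.

    Returns a JSON response with 'status' 0, the page in 'data' and the
    unpaginated total in 'count', or 'status' -1 when the form (or the
    requested ordering) is rejected.
    """
    if not current_user.has_capability('editor'):
        abort(403)

    form = StoreSearchForm()
    if not form.validate_on_submit():
        return json_response({'status': -1, 'errors': form.errors})

    # Both names are used for attribute lookup on the model: only
    # 'asc'/'desc' may be called, and an unknown sort field is rejected
    # instead of raising.
    # NOTE(review): the form should also restrict sort_field to an explicit
    # list of sortable columns - confirm in StoreSearchForm.
    sort_order = form.sort_order.data
    sort_column = getattr(Store, form.sort_field.data or '', None)
    ordering = getattr(sort_column, sort_order, None) if sort_order in ('asc', 'desc') else None
    if not callable(ordering):
        return json_response({'status': -1, 'errors': {'sort': ['invalid sort']}})

    stores = Store.query.filter(Store.deleted == False)
    if form.name.data:
        # The value is sent as a bound parameter; '%' and '_' typed by the
        # user still act as LIKE wildcards.
        stores = stores.filter(Store.name.like('%%%s%%' % form.name.data))

    is_admin = current_user.has_capability('admin')
    region = form.region.data
    if region and region not in ['None', '_all', '_none']:
        stores = stores.filter_by(region_id=region)
        if not is_admin:
            # Picking a region must not let a non-admin leave their own
            # regions; previously the restriction was skipped in this branch.
            stores = stores.filter(Store.region_id.in_(current_user.region_ids))
    elif region == '_none':
        # NOTE(review): non-admins can list stores without a region here;
        # confirm that this is intended.
        stores = stores.filter_by(region_id=None)
    elif not is_admin:
        stores = stores.filter(Store.region_id.in_(current_user.region_ids))

    if form.revisit_required.data and form.revisit_required.data not in [
            'None', '_all'
    ]:
        # True when any role has already revisited the store. The '!= None'
        # comparisons are SQLAlchemy expressions, not Python comparisons.
        revisited_by_anyone = or_(Store.revisited_government != None,
                                  Store.revisited_user != None,
                                  Store.revisited_store != None,
                                  Store.revisited_admin != None,
                                  Store.revisited_organisation != None)
        if form.revisit_required.data == 'yes':
            stores = stores.filter(not_(revisited_by_anyone))
        else:
            stores = stores.filter(revisited_by_anyone)

    count = stores.count()
    per_page = current_app.config['ITEMS_PER_PAGE']
    # Clamp to page 1 so a zero or negative page cannot yield a negative offset.
    page = max(form.page.data or 1, 1)
    stores = stores.order_by(ordering())\
        .limit(per_page)\
        .offset((page - 1) * per_page)\
        .all()
    data = [store.to_dict() for store in stores]
    return json_response({'data': data, 'status': 0, 'count': count})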
コード例 #8
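def archive_category_upload_file(archive_id, category_id):
    """Match an uploaded file to an existing document file and queue processing.

    Admin only. The upload is matched by filename against the documents of
    the category; when a match exists the File record is updated, the upload
    is stored in the temporary upload directory under the record id and
    processing is queued. Returns JSON with success=True, or an error with
    HTTP 400 when no match is found.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    archive = Category.get_or_404(archive_id)
    # Looked up only to answer 404 for an unknown category.
    category = Category.get_or_404(category_id)

    elastic_request = ElasticRequest(
        current_app.config['ELASTICSEARCH_DOCUMENT_INDEX'] + '-latest',
        'document'
    )
    elastic_request.set_fq('category_with_parents', category_id)
    # NOTE(review): the trailing comma makes this a one-element tuple that
    # wraps the list. Left unchanged because ElasticRequest is not visible
    # here - confirm which shape it expects.
    elastic_request.query_parts_should = [
            {"range": {"file_missing_count": {"gte": 1}}},
            {"range": {"file_count": {"gte": 1}}}
        ],
    elastic_request.set_limit(32000)
    elastic_request.query()
    documents = elastic_request.get_results()

    if request.files:
        uploaded_file = request.files['file']
        # Hacky way of uploading files because at Stadtarchiv Moers, there's no connection between Document and File in XML
        # (a leftover debug print of the archive title was removed here)
        if archive.title == 'Stadtarchiv Moers':
            document, matching_file = get_matching_document_file_stadtarchiv_moers(archive, uploaded_file)
            if not document:
                return jsonify({'error': 'Dateiname wurde in keinem Dokument dieser Kategorie gefunden.'}), 400
        else:
            matching_file_as_dict, document_as_dict = get_matching_file(uploaded_file, documents)
            if not matching_file_as_dict:
                return jsonify({'error': 'Dateiname wurde in keinem Dokument dieser Kategorie gefunden.'}), 400

            # we need to fetch this document and assign it to the matching_file, because the process_file
            # function will use this property later on - mongoengine does not dereference it.
            document = Document.get(document_as_dict.get('id'))
            if not document:
                return jsonify({'error': 'Das angegebene Dokument ist indiziert, wurde jedoch nicht in der Datenbank gefunden.'}), 400
            matching_file = File.get(matching_file_as_dict.get('id'))
            if not matching_file:
                return jsonify({'error': 'Die angegebene Datei ist indiziert, wurde jedoch nicht in der Datenbank gefunden.'}), 400

        # The content type is reported by the client and stored as metadata
        # only; it should not be trusted when the file is served.
        matching_file.mimeType = uploaded_file.content_type
        matching_file.document = document
        matching_file.save()
        if matching_file not in matching_file.document.files:
            if matching_file.document.files:
                matching_file.document.files.append(matching_file)
            else:
                matching_file.document.files = [matching_file]
        matching_file.document.save()

        # This should be part of the process_file function
        # The on-disk name is the record id, never the client filename.
        path = os.path.join(current_app.config['TEMP_UPLOAD_DIR'], str(matching_file.id))
        uploaded_file.seek(0)
        uploaded_file.save(path)

        process_file.delay(str(matching_file.id))

    return jsonify(success=True)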
コード例 #9
def archive_show(archive_id):
    """Render the admin detail page of an archive with its child categories."""
    if not current_user.has_capability('admin'):
        abort(403)
    archive = Category.get_or_404(archive_id)
    # Only the 'children' entry of the tree dict is handed to the template.
    tree = archive.get_dict_with_children(True)
    children = tree.get('children')
    return render_template('admin-archive-show.html',
                           archive=archive,
                           children=children)
コード例 #10
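def user_new():
    """Show and process the form that creates a new user (admin only).

    The new account gets a random password and the 'admin' capability.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    # Only admins get past the check above, so the admin form is always the
    # one in use; the former UserForm fallback could never be reached.
    form = UserAdminForm()
    if form.validate_on_submit():
        user = User()
        form.populate_obj(user)
        # NOTE(review): the generated password is not shown or sent from this
        # view; confirm how the new user obtains credentials and that
        # User.password is hashed on assignment.
        user.password = get_random_password()
        # NOTE(review): every account created here becomes an admin no matter
        # what the form submitted - confirm this is intended and not meant to
        # be a narrower capability.
        user.capabilities = ['admin']
        db.session.add(user)
        db.session.commit()
        flash('Nutzer erfolgreich gespeichert', 'success')
        return redirect('/admin/users')
    return render_template('user-new.html', form=form)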
コード例 #11
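def user_switch(user_id):
    """Let an admin act as another user for the rest of the session.

    Stores the target user's id in the session under 'emulate-user-id' and
    redirects to the start page. Responds with 403 when the caller is not an
    admin or the target user does not exist.
    """
    # Authorise first so callers without the capability never trigger the
    # user lookup; the response is 403 either way.
    if not current_user.has_capability('admin'):
        abort(403)
    newuser = User.query.get(user_id)
    if not newuser:
        abort(403)
    # NOTE(review): impersonation is a sensitive action and nothing here
    # records who switched to whom; consider writing an audit entry.
    session['emulate-user-id'] = user_id
    return redirect('/')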
コード例 #12
def archive_category_show(archive_id, category_id):
    """Render the admin detail page of a category inside an archive."""
    if not current_user.has_capability('admin'):
        abort(403)
    # Both ids are resolved independently; nothing here verifies that the
    # category belongs to the given archive.
    context = {
        'archive': Category.get_or_404(archive_id),
        'category': Category.get_or_404(category_id),
    }
    return render_template('category-show.html', **context)
コード例 #13
def store_suggestion_edit(suggestion_id):
    """Render the review page for a store suggestion and its target store."""
    if not current_user.has_capability('editor'):
        abort(403)
    # NOTE(review): unlike store_edit, there is no region check for
    # non-admin editors here - confirm that any editor may view any
    # suggestion.
    suggestion = ObjectDump.query.get_or_404(suggestion_id)
    target_store = Store.query.get_or_404(suggestion.object_id)
    return render_template('store-suggestion-edit.html',
                           object_dump=suggestion,
                           store=target_store)
コード例 #14
def store_show(store_id):
    """Render the detail page of a store with its ordered opening times."""
    if not current_user.has_capability('editor'):
        abort(403)
    # NOTE(review): unlike store_edit, there is no region check for
    # non-admin editors here - confirm that any editor may view any store.
    store = Store.query.get_or_404(store_id)
    times_query = OpeningTime.query.filter_by(store_id=store.id)
    opening_times = times_query.order_by(OpeningTime.weekday,
                                         OpeningTime.open).all()
    return render_template('store-show.html',
                           store=store,
                           opening_times=opening_times)
コード例 #15
def archive_category_edit(document_id):
    """Show and process the edit form for a document (admin only).

    Despite its name, the view loads and saves a Document.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    document = Document.get_or_404(document_id)
    form = DocumentForm(obj=document)
    if not form.validate_on_submit():
        return render_template('document-edit.html', document=document, form=form)
    form.populate_obj(document)
    document.save()
    # The redirect target is built from the stored id, not from request data.
    return redirect('/document/%s' % document.id)
コード例 #16
def admin_document_file_show(document_id, file_id):
    """Render the admin page for one file of a document, with a thumbnail URL."""
    if not current_user.has_capability('admin'):
        abort(403)
    document = Document.get_or_404(document_id)
    # The file is looked up by its own id; nothing here verifies that it
    # belongs to the given document.
    file = File.get_or_404(file_id)
    thumbnail_url = get_first_thumbnail_url(document.id, file.id, 1200)
    return render_template('document-file-show.html',
                           document=document,
                           file=file,
                           url=thumbnail_url)
コード例 #17
def subsite_edit(subsite_id):
    """Show and process the edit form for a subsite (admin only)."""
    if not current_user.has_capability('admin'):
        abort(403)
    subsite = Subsite.get_or_404(subsite_id)
    form = SubsiteForm(obj=subsite)

    if not form.validate_on_submit():
        return render_template('subsite-edit.html', form=form, subsite=subsite)

    form.populate_obj(subsite)
    subsite.save()
    message = 'Subsite %s gespeichert.' % subsite.title
    flash(message, 'success')
    return redirect('/admin/subsites')
コード例 #18
def subsite_new():
    """Show and process the form that creates a subsite (admin only)."""
    if not current_user.has_capability('admin'):
        abort(403)
    form = SubsiteForm()

    if not form.validate_on_submit():
        return render_template('subsite-new.html', form=form)

    subsite = Subsite()
    form.populate_obj(subsite)
    subsite.save()
    message = 'Subsite %s gespeichert.' % subsite.title
    flash(message, 'success')
    return redirect('/admin/subsites')
コード例 #19
def user_new():
    """Show and process the form that creates a user (admin only)."""
    if not current_user.has_capability('admin'):
        abort(403)
    form = UserForm()

    if not form.validate_on_submit():
        return render_template('user-new.html', form=form)

    user = User()
    # Every field of UserForm is copied onto the new account, so the form
    # definition decides which attributes can be set at creation.
    form.populate_obj(user)
    user.save()
    message = 'User %s gespeichert.' % user.email
    flash(message, 'success')
    return redirect('/admin/users')
コード例 #20
def user_edit(user_id):
    """Show and process the edit form for a user (admin only)."""
    if not current_user.has_capability('admin'):
        abort(403)
    user = User.get_or_404(user_id)
    form = UserForm(obj=user)

    if not form.validate_on_submit():
        return render_template('user-edit.html', form=form, user=user)

    # Every field of UserForm is copied onto the account, so the form
    # definition decides which attributes an admin can change.
    form.populate_obj(user)
    user.save()
    message = 'User %s gespeichert.' % user.email
    flash(message, 'success')
    return redirect('/admin/users')
コード例 #21
def archive_edit(archive_id):
    """Show and process the edit form for an archive (admin only).

    Archives are stored as Category records.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    category = Category.get_or_404(archive_id)
    form = ArchiveForm(obj=category)

    if not form.validate_on_submit():
        return render_template('archive-edit.html', form=form, archive=category)

    form.populate_obj(category)
    category.save()
    message = 'Archiv %s gespeichert.' % category.title
    flash(message, 'success')
    return redirect('/admin/archives')
コード例 #22
def archive_new():
    """Show and process the form that creates an archive (admin only).

    Archives are stored as Category records.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    form = ArchiveForm()

    if not form.validate_on_submit():
        return render_template('admin-archive-new.html', form=form)

    category = Category()
    form.populate_obj(category)
    category.save()
    message = 'Archiv %s gespeichert.' % category.title
    flash(message, 'success')
    return redirect('/admin/archives')
コード例 #23
def user_delete(user_id):
    """Confirm and perform the deletion of a user (admin only)."""
    if not current_user.has_capability('admin'):
        abort(403)
    user = User.get_or_404(user_id)
    form = UserDeleteForm()

    if not form.validate_on_submit():
        return render_template('user-delete.html', form=form, user=user)
    if form.abort.data:
        # The confirmation form was cancelled; nothing is deleted.
        return redirect('/admin/users')

    # NOTE(review): nothing here stops an admin from deleting their own
    # account - confirm whether that should be allowed.
    user.delete()
    message = 'User %s gelöscht.' % user.email
    flash(message, 'success')
    return redirect('/admin/users')
コード例 #24
def admin_document_show(document_id):
    """Render the admin page of a document with its category paths.

    For every category of the document, the chain of ancestors is collected
    root-first and attached to the document as 'categories'.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    document = Document.get_or_404(document_id)

    category_paths = []
    for leaf in document.category:
        path = []
        node = leaf
        # Walk up through the parents; inserting at the front puts the
        # root first and the document's own category last.
        while node:
            path.insert(0, node)
            node = node.parent
        category_paths.append(path)

    document.categories = category_paths
    return render_template('document-show.html', document=document)
コード例 #25
def archive_delete(archive_id):
    """Confirm and perform the deletion of an archive (admin only).

    Archives are stored as Category records.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    category = Category.get_or_404(archive_id)
    form = ArchiveDeleteForm()

    if not form.validate_on_submit():
        return render_template('archive-delete.html', form=form, archive=category)
    if form.abort.data:
        # The confirmation form was cancelled; nothing is deleted.
        return redirect('/admin/archives')

    category.delete()
    message = 'Archiv %s gelöscht.' % category.title
    flash(message, 'success')
    return redirect('/admin/archives')
コード例 #26
    def __init__(self, all_option=False, limit_allowed=False, **kwargs):
        """Build the region choices for this select field.

        Args:
            all_option: Start the list with an 'any region' entry instead of
                the 'please choose' placeholder.
            limit_allowed: For users without the 'admin' capability, offer
                only regions linked to the current user.
            **kwargs: Passed on to the parent field; must contain '_form'.
        """
        owning_form = kwargs['_form']
        self.simple_validate = getattr(owning_form, 'simple_validate', False)
        super(RegionField, self).__init__(**kwargs)

        if all_option:
            self.choices = [('_all', 'beliebig')]
        else:
            self.choices = [('0', 'bitte wählen')]

        # With simple_validate set on the form, no regions are loaded.
        if self.simple_validate:
            return

        region_query = Region.query
        restrict_to_own = limit_allowed and not current_user.has_capability('admin')
        if restrict_to_own:
            region_query = region_query.filter(Region.user.contains(current_user))

        for entry in region_query.order_by(Region.name).all():
            self.choices.append((str(entry.id), entry.name))
コード例 #27
def subsite_delete(subsite_id):
    """Confirm and perform the deletion of a subsite (admin only)."""
    if not current_user.has_capability('admin'):
        abort(403)
    subsite = Subsite.get_or_404(subsite_id)
    form = SubsiteDeleteForm()

    if not form.validate_on_submit():
        return render_template('subsite-delete.html', form=form, subsite=subsite)
    if form.abort.data:
        # The confirmation form was cancelled; nothing is deleted.
        return redirect('/admin/subsites')

    subsite.delete()
    message = 'Subsite %s gelöscht.' % subsite.title
    flash(message, 'success')
    return redirect('/admin/subsites')
コード例 #28
def category_edit(category_id):
    """Show and process the edit form for a category (admin only).

    On a valid submit the category is committed first and the form's
    uploads are stored afterwards.
    """
    if not current_user.has_capability('admin'):
        abort(403)
    category = Category.query.get_or_404(category_id)
    form = CategoryForm(obj=category)
    if not form.validate_on_submit():
        return render_template('category-edit.html', form=form, category=category)

    form.populate_obj(category)
    db.session.add(category)
    db.session.commit()
    upload_files(form, category, 'category')
    flash('Category erfolgreich gespeichert', 'success')
    return redirect('/admin/categorys')
コード例 #29
def api_admin_archive_category_table(category_id, filename):
    """Return header and preview rows of an import table as JSON (admin only)."""
    if not current_user.has_capability('admin'):
        abort(403)
    # Resolved only so that an unknown category answers 404.
    Category.get_or_404(category_id)
    # The filename comes from the URL and is checked before it is used.
    # NOTE(review): the return value is ignored, so this presumably aborts
    # on an invalid name - confirm in check_uuid_filename.
    check_uuid_filename(filename)
    table = DataImportTable(filename)

    payload = {
        'header': table.header,
        'datasets': table.preview
    }
    return json_response({'status': 0, 'data': payload})
コード例 #30
def region_edit(region_id):
    """Show and process the edit form for a region.

    Admins may edit any region; other users only regions among their own.
    """
    region = Region.query.get_or_404(region_id)
    # NOTE(review): unlike the store views there is no baseline capability
    # check; region membership alone grants edit access - confirm intended.
    may_edit = current_user.has_capability('admin') or region in current_user.region
    if not may_edit:
        abort(403)

    form = RegionForm(obj=region)
    if not form.validate_on_submit():
        return render_template('region-edit.html', form=form, region=region)

    form.populate_obj(region)
    db.session.add(region)
    db.session.commit()
    upload_files(form, region, 'region')
    flash('Region erfolgreich gespeichert', 'success')
    return redirect('/admin/regions')