def find_customer(request):
form_value = {}
form_id = '%{}%'
if request.args.get('id') is None:
form_id = form_id.format('')
form_value['id'] = ''
else:
form_id = form_id.format(request.args.get('id'))
form_value['id'] = request.args.get('id')
form_name = '%{}%'
if request.args.get('name') is None:
form_name = form_name.format('')
form_value['name'] = ''
else:
form_name = form_name.format(request.args.get('name'))
form_value['name'] = request.args.get('name')
form_phone = '%{}%'
if request.args.get('phone') is None:
form_phone = form_phone.format('')
form_value['phone'] = ''
else:
form_phone = form_phone.format(request.args.get('phone'))
form_value['phone'] = request.args.get('phone')
error = None
dao = BaseDao()
form_object = {'id': form_id, 'name': form_name,'phone': form_phone}
g.form_value = form_value
customer_results = dao.excute_query(query_sql.QUERY_FIND_CUSTOMER, form_object)
table = build_customer_table(customer_results)
return table
def find_user(request):
error = None
dao = BaseDao()
form_value = {}
form_id = '%{}%'
if request.args.get('id')is None:
form_id = form_id.format('')
form_value['id'] = ''
else:
form_id = form_id.format(request.args.get('id'))
form_value['id'] = request.args.get('id')
form_username = '******'
if request.args.get('username')is None:
form_username = form_username.format('')
form_value['username'] = ''
else:
form_username = form_username.format(request.args.get('username'))
form_value['username'] = request.args.get('username')
form_usergroup = '%{}%'
if request.args.get('usergroup')is None:
form_usergroup = form_usergroup.format('')
form_value['usergroup'] = ''
else:
form_usergroup = form_usergroup.format(request.args.get('usergroup'))
form_value['usergroup'] = request.args.get('usergroup')
form_object = {'id':form_value['id'], 'username':form_value['username'],
'usergroup':form_value['usergroup']}
results = dao.excute_query(query_sql.QUERY_FIND_ALL_USER, form_object)
table = build_table(results)
return table.__html__()
def maintain_user():
dao = BaseDao()
error = None
if request.method == 'POST':
id = request.form['user_id']
username = request.form['username']
password = request.form['password']
usergroup = request.form['usergroup']
isUpdate = False
sql = None
if id =='':
last_id_result = dao.excute_query(query_sql.QUERY_FIND_LAST_USER_ID)
id = last_id_result[0]['id'] +1
sql = insert_update_sql.UPSERT_USER
else:
isUpdate = True
sql = insert_update_sql.UPDATE_USER
params = {'id':id,
'username':username,
'password':password,
'usergroup':usergroup}
result = dao.excute_upsert(sql, params)
return str(result.rowcount)
else:
user_id = request.args.get('id')
user = None
if user_id is not None:
user = dao.excute_query(
query_sql.QUERY_FIND_USER_BY_ID, {'id': user_id}
)[0]
return render_template('admin/user.html', user=user)
def branch_trans_report(branch_id):
error = None
dao = BaseDao()
form_object = {'branch_id': g.agent['branch_id']}
transaction_results = dao.excute_query(query_sql.QUERY_BRANCH_REPORT,
form_object)
table = build_report_table(transaction_results)
return table
def branch_trans_report_summary(branch_id):
error = None
dao = BaseDao()
form_object = {'branch_id': g.agent['branch_id']}
report_results = dao.excute_query(
query_sql.QUERY_BRANCH_REPORT_BRANCH_SUMMARY, form_object)
return report_results
def find_agent_by_branch(id):
error = None
dao = BaseDao()
form_object = {'branch_id': id}
transaction_results = dao.excute_query(
query_sql.QUERY_FIND_AGENT_BY_BRANCH, form_object)
table = build_agent_table(transaction_results)
return table
def find_property_by_preference(pref_id, type):
dao = BaseDao()
form_object = {'prefId': pref_id}
if type == 'sale':
property_results = dao.excute_query(query_sql.QUERY_FIND_SELLING_PROPERTY_BY_PREFERENCE, form_object)
else:
property_results = dao.excute_query(query_sql.QUERY_FIND_RENTAL_PROPERTY_BY_PREFERENCE, form_object)
return property_results
def maintain_property():
dao = BaseDao()
error = None
trans_types = property.list_trans_type()
property_owners = property.find_property_owner()
district_list = find_district()
estate_list = find_estate()
if request.method == 'POST':
id = request.form['property_id']
if id =='':
last_id_result = dao.excute_query(query_sql.QUERY_FIND_LAST_PROPERTY)
id = last_id_result[0]['id'] +1
district = request.form['district']
estate = request.form['estate']
block = request.form['block']
floor = request.form['floor']
flat = request.form['flat']
area = request.form['area']
bedrooms = request.form['bedrooms']
hascarpark = request.form['hascarpark']
selling_price = request.form['selling_price']
rental_price = request.form['rental_price']
trans_type = request.form['type']
owner = request.form['owner']
if selling_price is None or selling_price == '':
selling_price = 0
if rental_price is None or rental_price == '':
rental_price = 0
params = {'id':id,
'district_id':district,
'estate_id':estate,
'block':block,
'floor':floor,
'flat':flat,
'gross_floor_area':area,
'number_of_bedrooms':bedrooms,
'provide_car_park':hascarpark,
'selling_price':selling_price,
'rental_price':rental_price,
'trans_type':trans_type,
'owner_id':owner}
result = dao.excute_upsert(insert_update_sql.UPSERT_PROPERTY, params)
return str(result.rowcount)
else:
property_id = request.args.get('id')
property_result = None
if property_id is not None:
property_result = dao.excute_query(
query_sql.QUERY_FIND_PROPERTY_BY_ID, {'id': property_id}
)[0]
return render_template('admin/property.html', property=property_result,
trans_types=trans_types, districts=district_list, estates=estate_list,
property_owners=property_owners)
def find_transaction(request):
error = None
dao = BaseDao()
form_type = '%{}%'
form_type = form_type.format('')
form_object = {'agent_id': g.agent['agent_id'], 'type': form_type}
transaction_results = dao.excute_query(
query_sql.QUERY_FIND_TRANSACTION_BY_AGENT, form_object)
table = build_transaction_table(transaction_results)
return table
def find_property(request, isAdmin):
form_value = {}
form_estate = '%{}%'
if request.args.get('estate') is None:
form_estate = form_estate.format('')
form_value['estate'] = ''
else:
form_estate = form_estate.format(request.args.get('estate'))
form_value['estate'] = request.args.get('estate')
form_district = '%{}%'
if request.args.get('district') is None:
form_district = form_district.format('')
form_value['district'] = ''
else:
form_district = form_district.format(request.args.get('district'))
form_value['district'] = request.args.get('district')
form_owner_name = '%{}%'
if request.args.get('owner') is None:
form_owner_name = form_owner_name.format('')
form_value['owner'] = ''
else:
form_owner_name = form_owner_name.format(request.args.get('owner'))
form_value['owner'] = request.args.get('owner')
form_type = request.args.get('type')
if form_type is None:
form_type = 'both'
form_value['type'] = request.args.get('type')
error = None
dao = BaseDao()
form_object = {
'estate': form_estate,
'district': form_district,
'type': form_type,
'owner_name': form_owner_name
}
g.form_value = form_value
property_results = dao.excute_query(query_sql.QUERY_FIND_PROPERTY,
form_object)
if isAdmin:
table = build_admin_table(property_results)
else:
table = build_table(property_results)
return table
def find_user_by_username(username, is_super_user):
engine = db.get_db()
statement = text("Select * from hkpUser where username = :username and is_superuser = :is_superuser;")
result_proxy = engine.execute(statement,
{"username":username, "is_superuser": is_super_user})
result_list = BaseDao.result_proxy_to_list(result_proxy)
return result_list
def login():
print('[Controller] login')
error = None
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
dao = BaseDao()
user_results = dao.excute_query(query_sql.QUERY_FIND_USER_BY_USERNAME,
{'username': username})
agent_result = dao.excute_query(query_sql.QUERY_FIND_AGENT_BY_USERNAME,
{'username': username})
user = None
agent = None
if user_results is None or len(user_results) == 0:
error = 'Incorrect username or password.'
else:
user = user_results[0]
result_password = user['password']
print(result_password + ' vs ' + password)
if not (result_password == password):
if check_password_hash(result_password, password):
pass
else:
error = 'Incorrect username or password.'
if error is None:
session.clear()
session['user_id'] = user['id']
if agent_result is not None and len(agent_result) > 0:
agent = agent_result[0]
if agent is not None:
session['agent_id'] = agent['agent_id']
if user['usergroup'] == 'admin':
return redirect(url_for('admin.home'))
else:
return redirect("/")
flash(error)
return render_template('auth/login.html', error=error)
def load_logged_in_user():
user_id = session.get('user_id')
agent_id = session.get('agent_id')
if user_id is None:
g.user = None
else:
dao = BaseDao()
g.user = dao.excute_query(query_sql.QUERY_FIND_USER_BY_ID,
{'id': user_id})[0]
if agent_id is None:
g.agent = None
else:
dao = BaseDao()
g.agent = dao.excute_query(query_sql.QUERY_FIND_AGENT_BY_ID,
{'id': agent_id})[0]
def delete_property():
dao = BaseDao()
id = request.form['id']
params = {'id': id}
result = dao.excute_upsert(insert_update_sql.DELETE_PROPERTY, params)
return str(result.rowcount)
def find_agent_by_username(username):
engine = db.get_db()
statement = text("Select * from agent where username = :username;")
result_proxy = engine.execute(statement, {"username": username})
result_list = BaseDao.result_proxy_to_list(result_proxy)
return result_list
def delete_user():
dao = BaseDao()
id = request.form['id']
params = {'id':id}
result = dao.excute_upsert(insert_update_sql.DELETE_HKPUSER, params)
return str(result.rowcount)
def find_district():
dao = BaseDao()
results = dao.excute_query(query_sql.QUERY_FIND_DISTRICT)
return results
def find_estate():
dao = BaseDao()
results = dao.excute_query(query_sql.QUERY_FIND_ESTATE)
return results
def find_customer_by_id(customer_id):
dao = BaseDao()
form_object = {'id': customer_id}
customer_results = dao.excute_query(query_sql.QUERY_FIND_CUSTOMER_BY_ID, form_object)
return customer_results
def list_trans_type():
dao = BaseDao()
results = dao.excute_query(query_sql.QUERY_LIST_TRANSACTION_TYPE)
return results
def find_property_owner():
dao = BaseDao()
results = dao.excute_query(query_sql.QUERY_FIND_PROPERTY_OWNER)
return results