def admin_register():
if request.method == 'POST':
fname = request.form['fname']
lname = request.form['lname']
email = request.form['email']
password = request.form['password']
confirmpass = request.form['confirmpass']
# check if password and confirm password match
if password != confirmpass:
flash('Passwords do not match', 'danger')
return redirect(url_for('admin_register'))
elif (Admin.check_admin_exist(email)):
flash('Email already in use', 'danger')
return redirect(url_for('admin_register'))
else:
# hash the password
hashedpass = bcrypt.generate_password_hash(password).decode(
'utf-8')
adm = Admin(firstname=fname,
lastname=lname,
email=email,
password=hashedpass)
adm.insert_record()
flash('Admin successfully created', 'success')
return redirect(url_for('admin_register'))
return render_template('adminregister.html')
def get_form_admin(request):
user_name = request.POST.get('user_name', '')
password = request.POST.get('password', '')
tmp_admin = Admin()
tmp_admin.username = user_name
tmp_admin.password = password
return tmp_admin
def create():
data = request.json
name = data.get('name')
email = data.get('email')
password = data.get('password')
if name and email and password:
admin = Admin(name=name, email=email, password=password)
if admin.save():
token = create_access_token(identity=admin.id)
return jsonify({
"auth_token": token,
"message": "Successfully created an admin and signed in",
"status": "success",
"admin": {
"id": admin.id,
"name": admin.name,
"email": admin.email
}
})
elif admin.errors != 0:
return jsonify({
"message": [error for error in admin.errors],
"status": "failed"
})
else:
return jsonify({
"message": "All fields are required!",
"status": "failed"
})
def register():
sql = Admin()
user = str(input('Usuario: '))
senha = str(input('Senha do usuario: '))
sql.register(user, senha)
def admin_home():
if request.method == 'GET':
admin = Admin()
admin.initialize_admin(session['admin'])
return render_template(
'admin_home.html',
leaderboard=admin.leaderboard # admin.leaderboard
)
def blockAccount(type, username):
if session["type_account"] != "admin" or type not in [
"block", "active", "deny"
]:
return
Admin().lockAccount(username, type, "owner")
Admin().lockAccount(username, type, "renter")
return app.response_class(json.dumps({"message": "ok"}),
mimetype='application/json')
def register(id):
"""
# 社团管理员注册
# status: OVER
:param id: 管理员身份编号
"""
if Admin.query.get(id):
raise RegisterFailed(u'该社团已注册管理员')
form = AdminRegisterForm(data=request.json).validate_or_error()
Admin.register(id, form.account.data, form.password.data)
return RegisterSuccess(msg=u'账号注册成功')
def post(self):
req_json = json.dumps(request.get_json())
try:
load_data, errors = LoginSchema().loads(req_json)
if errors:
return errors, 400
new_user = Admin(phone_number=load_data['phone_number'], password=load_data['password'], role= 1 if load_data['user_type'] == 'wechat' else 2)
new_user.add(new_user)
except SQLAlchemyError as e:
return e.message, 500
return AdminTestSchema().dump(new_user), 201
def admin_edit(request, admin_id=0):
'''管理员编辑
'''
admin_id = admin_id or int(request.REQUEST.get('id', '0'))
if admin_id:
model = request.admin.get_manageable_admin().get(id=admin_id)
model.password = ''
else:
model = Admin()
model.id = admin_id
return render_to_response('system/admin_edit.html', locals())
def login():
loginUsers = Admin()
usuario = str(input('Usuario: '))
senha = str(input('Senha: '))
users = loginUsers.checkUser(usuario, senha)
if users.fetchall():
return True
else:
return False
def add_admin(update: Update, _context: CallbackContext) -> None:
user_id = update.message.text.partition(' ')[2]
user_id = int(user_id)
if is_user_owner(update.effective_user.id):
admin = Admin()
admin.admin_user_id = user_id
admin.save()
update.message.reply_text(f"User {user_id} has been added as admins")
def del_admin(update: Update, _context: CallbackContext) -> None:
user_id = update.message.text.partition(' ')[2]
# TODO: Check if the value is of type `int`
user_id = int(user_id)
if is_user_owner(update.effective_user.id):
if is_user_admin(user_id):
Admin.where('admin_user_id', '=', user_id).delete()
update.message.reply_text(f"User {user_id} is no longer an admin")
else:
update.message.reply_text(f"User {user_id} is not admin")
def editAccount(type, username):
if session["type_account"] != "admin" or type not in [
"enable", "unenable", "accept", "deny"
]:
return
if type == "enable":
Admin().setEnableEditAccountOwner(username)
elif type == "unenable":
Admin().setUnEnableEditAccountOwner(username)
else:
Admin().handlingEditAccount(username, type) # accept/deny
return app.response_class(json.dumps({"message": "ok"}),
mimetype='application/json')
def post(self):
logging.info(self.request.POST)
token = self.request.get('token')
info = json.loads(self.request.get('info'))
values = {
'token': token,
'company_id': info['company_id'],
'delivery_terminal_id': info['venue_id']
}
admin = Admin(**values)
admin.put()
self.render_json({'status': 'success'})
def create_admin(req):
try:
if current_user.is_authenticated:
return Errors("Already logedin", 400).to_json()
if valid_username(req['username']):
password = bcrypt.generate_password_hash(
req['password']).decode('utf-8')
admin = Admin(username=req['username'], password=password)
admin.save_to_db()
return admin.to_json()
return Errors("Username Already Taken", 400).to_json()
except KeyError:
errors.append({'msg': 'Missing Important Keys'})
def check():
session_id = request.cookies.get('Session-id', None)
response = jsonify({
'status': 'fail',
})
if session_id is not None:
log(session_id)
if Admin.is_valid_login(session_id):
response = jsonify({
'status': 'ok',
'name': Admin.current_admin().name,
})
return response
def searchAccount(typeAccount, stringSearch):
if session["type_account"] != "admin" or typeAccount not in [
"owner", "renter"
]:
return
stringSearch = stringSearch.title()
if typeAccount == "owner":
return app.response_class(json.dumps(
Admin().searchAccountOwner(stringSearch)),
mimetype='application/json')
else:
return app.response_class(json.dumps(
Admin().searchAccountRenter(stringSearch)),
mimetype='application/json')
def admin_login():
# get email and password : IN OTHER ITERATIONS WE CAN GET POST from hidden ajax login form
email = request.form['email']
password = request.form['password']
admincode = request.form['admincode']
# if POST used properly passed through Ajax created form in process_login.js .done() function
if request.method == 'POST':
# if login_valid method in user.py class returns TRUE
if Admin.login_valid(email=email, password=password):
# check on admincode code verification HERE
if admincode == '11111':
# start session in admin.py class
Admin.login(email)
return render_template('admin_profile.html', email=session['email'])
return render_template('login_error.html', error='The email or password credentials do not match.')
def render_admin_hub(uri):
if session['email'] is None:
return redirect("https://kcbootcampers-api-heroku.herokuapp.com/login")
cookie_uri = request.cookies.get('login_id')
if cookie_uri == uri:
users = Admin.get_all()
posts = Post.get_all()
posts.reverse()
assignments = Assignment.get_all()
assignments.reverse()
others = Other.get_all()
others.reverse()
videos = Video.get_all()
videos.reverse()
books = Book.get_all()
books.reverse()
return render_template(
"admin_hub.html",
href="https://kcbootcampers-api-heroku.herokuapp.com/admin/hub/" +
cookie_uri,
acc=session['email'],
posts=posts,
users=users,
assignments=assignments,
others=others,
videos=videos,
books=books,
uri=uri,
display='all')
else:
return render_template(
"expired.html",
acc="Account" if session['email'] is None else session['email'])
def create_app():
app = Flask(__name__)
if app.env == 'development':
app.config.from_object('config.DevelopConfig')
else:
app.config.from_object('config.BaseConfig')
# init ORM
with app.app_context():
db.init_app(app)
db.create_all()
# check if admin entry already exists and if not, add it
if not Admin.query.filter_by(created=True).first():
admin_instance = Admin()
db.session.add(admin_instance)
db.session.commit()
Limiter(app, default_limits=app.config.get('REQUEST_LIMITS'), key_func=get_remote_address)
app.wsgi_app = ProxyFix(app.wsgi_app, x_for=app.config.get('NUM_PROXIES'))
app.register_blueprint(auth.blueprint)
app.register_blueprint(users.blueprint)
app.register_blueprint(admin.blueprint)
CORS(app)
return app
def create_admin():
admin = Admin(
email='*****@*****.**',
password='******'
)
db.session.add(admin)
db.session.commit()
def post(self, node_uuid):
tm = TreeManager(NodeTree, db.session)
if tm is None:
return ret_msg(status=False, msg="get manager handle failed.")
status, basic_node = tm.find_node(node_uuid=node_uuid)
if status is False:
return ret_msg(status=False, msg=basic_node)
req_json = json.dumps(request.get_json())
load_data, errors = InNodeSchema().loads(req_json)
if errors:
return ret_msg(status=False, msg="parse request data failed.")
new_node = NodeTree(title=load_data['title'],
is_student=load_data['is_student'])
if load_data['is_student']:
user_set = []
patriarch_list = json.loads(json.dumps(load_data['patriarch']))
for ite in patriarch_list:
user_set.append(
Admin(phone_number=ite,
password=ite[-4:],
uuid=uuid.uuid1(),
nodes=[
new_node,
]))
new_node.users = user_set
status, error = tm.add_node(node_uuid=node_uuid, node=new_node)
if status is False:
return ret_msg(status=False, msg=error)
return ret_msg(status=True, msg="add success")
def index():
admins = Admin.select()
return jsonify([{
"name": admin.name,
"id": admin.id,
"email": admin.email
} for admin in admins])
def post(self):
token = self.request.get("token")
admin = Admin.query(Admin.token == token).get()
if not admin:
self.abort(401)
delivery_terminal = DeliveryTerminal.get_by_id(
admin.delivery_terminal_id)
if not delivery_terminal:
self.send_error(u'Вы не привязаны к точке')
stop_list = json.loads(self.request.get('stop_list'))
for item_id in stop_list.get('stopped'):
item = get_product_from_menu(admin.company_id, product_id=item_id)
if not item:
return self.send_error(u'Продукт не найден')
if item_id in delivery_terminal.item_stop_list:
return self.send_error(u'Продукт %s уже в стоп-листе' %
item.get('name', ''))
delivery_terminal.item_stop_list.append(item_id)
for item_id in stop_list.get('recovered'):
item = get_product_from_menu(admin.company_id, product_id=item_id)
if not item:
return self.send_error(u'Продукт не найден')
if item_id not in delivery_terminal.item_stop_list:
return self.send_error(u'Продукт %s еще не в стоп-листе' %
item.get('name', ''))
delivery_terminal.item_stop_list.remove(item_id)
delivery_terminal.put()
self.render_json({'success': True})
def register_user():
# get admin form data
admin = request.form['admin']
if request.form['admincode'] is not None:
admincode = request.form['admincode']
else:
admincode = ""
# make name suitable for db
fname = request.form['fname']
lastname = request.form['lastname']
name = lastname + ', ' + fname
# get email and password
email = request.form['email']
password = request.form['password']
cardinfo = {
'cardname': request.form['cardname'],
'cardnumber': request.form['cardnumber'],
'cardcode': request.form['cardcode'],
'zipcode': request.form['zipcode']
}
acode = {
'admincode': admincode
}
if request.method == 'POST':
if admin == "1":
# default code for admin registration
if admincode == '11111':
# add another layer by seeing if 'email' contains @specific_company_name
if Admin.register(name=name, email=email, password=password, usertype='admin', userinfo=acode) is False:
return render_template('duplicate_user.html', error='Admin Email Already Registered as User')
else:
Admin.register(name=name, email=email, password=password, usertype='admin', userinfo=acode)
meetings = []
return render_template('admin_profile.html', email=email, name=name, meetings=meetings)
else:
if Client.register(name=name, email=email, password=password, usertype='client',
userinfo=cardinfo) is False:
return render_template('duplicate_user.html', error='Client Email Already Registered as User')
else:
Client.register(name=name, email=email, password=password, usertype='client', userinfo=cardinfo)
meetings = []
return render_template('client_profile.html', email=email, name=name, meetings=meetings)
return render_template('registration_error.html', error='Invalid registration')
def admin_login():
if request.method == 'GET':
return render_template(
'admin_login.html', msg='Enter admin username and password'
)
elif request.method == 'POST':
username = request.form['username']
password = request.form['password']
admin = Admin()
if admin.login(username, password):
session['admin'] = username
return redirect(url_for('admin_home'))
else:
return render_template(
'admin_login.html', msg='Invalid Credentials'
)
def login_admin(): # renders the overview page
email = request.form['email']
password = request.form['password']
if Admin.is_login_valid(email, password): # is True
Admin.login(email)
session['email'] = email
else:
session['email'] = "no email"
return "ADMIN NOT FOUND, PLEASE CHECK YOUR CREDENTIALS, OR CONTACT SERVER ADMINISTRATOR"
# collection = 'students'
students = Database.find(collection='students', query={})
# return "HELLO"
return render_template("overview_page.html",
email=session['email'],
students=students)
def editInfoAccount():
if "type_account" not in session:
return redirect("/dang-nhap")
if session["type_account"] == "renter":
return render_template("edit-infoB.html")
elif session["type_account"] == "owner":
if Admin().checkOwnerEditAccount(session["username"]):
return render_template("edit-detail-infoA.html")
def get(self):
token = self.request.get("token")
admin = Admin.query(Admin.token == token).get()
if not admin:
self.abort(401)
menu = get_menu(admin.company_id)
processed_menu = [_process_category(c) for c in menu]
self.render_json({"menu": processed_menu})
def me():
admin_id = get_jwt_identity()
admin = Admin.get_or_none(Admin.id == admin_id)
if admin:
return jsonify({
"id": admin.id,
"name": admin.name,
"email": admin.email
})
def post(self, request):
# 注册
username = request.json.get("username")
password = request.json.get("password")
nickname = request.json.get("nickname")
account_type = request.json.get("account_type")
if not all([username, password, nickname, account_type]):
return JsonErrorResponse("username, password, nickname, account_type are needed", 400)
new_admin = Admin(
username=username,
password=password,
nickname=nickname,
account_type=account_type
)
try:
new_admin.save()
except Exception, e:
print e
return JsonErrorResponse("Fail" + e.message)
