def pageInit(subHeading=None, formJS=0):
table_data = declarations.define_tables()
print "<HTML>"
print "<HEAD>"
if formJS:
pmt_utils.generate_form_javascript(table_data, 'inventory',
'inv_admin', 0)
else:
pmt_utils.javaScript("inv_admin")
pmt_utils.title("Inventory")
print "</HEAD>"
pmt_utils.bodySetup()
pmt_utils.mainHeading('Inventory')
if subHeading != None:
pmt_utils.subHeading(subHeading)
pmt_utils.formSetup("inv_admin", declarations.pmt_info['db_name'],
"inv_admin", "return submitForm(document.inv_admin)")
dbResult = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
if dbResult['status'] != 'success':
db = None
status = dbResult['message']
else:
db = dbResult['result']
status = 'success'
return status, table_data, db
def doDelete():
dbResult = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
if dbResult['status'] != 'success':
onQueryLoad = 'displayWindow("Could not connect to the database")'
message = "Could not connect to the database.\n%s" % dbResult['message']
exit(message)
db = dbResult['result']
status, details = db_authentication.password_valid(db,
crypt_salt=db_name,
username=username,
password=password)
if status != 'success':
exit(details)
sqlStatement = "DELETE FROM inventory WHERE id = '%s'" % (
form["key_id"].value)
dbResult = pmt_utils.executeSQL(db, sqlStatement)
if dbResult['status'] != 'success':
onQueryLoad = "return displayWindow('Could not delete item data')"
else:
onQueryLoad = "return displayWindow('Item data successfully deleted')"
db.close()
query_inventory(1)
def verifyUserPass(): db = pmt_utils.connectDB(declarations.pmt_info['browser_username'], declarations.pmt_info['browser_password'], declarations.pmt_info['db_name']) # could not connect to db if db['status'] != 'success': message= "Can not connect to database,\n" + db['message'] pmt_utils.alertsArea(form,message) displayLogin(form) sys.exit(1) status, details = db_authentication.password_valid(db['result'], crypt_salt=db_name, username=username, password=password) if status != 'success': displayLogin(form,details) sys.exit(1) cvs_web_priv=pmt_utils.hasPriv(db['result'],username,'cvs_web') cvs_export_priv=pmt_utils.hasPriv(db['result'],username,'cvs_export') if cvs_web_priv==0 and cvs_export_priv==0: message='User %s does not have access to CVS' % username displayLogin(form, message) sys.exit() return cvs_web_priv,cvs_export_priv
def dbInit():
dbResult=pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
if dbResult['status']!='success':
print "Error while connecting to database<BR>"
return "error",None
return 'success',dbResult['result']
def db_table_to_data_file(filename):
dbResult = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
# could not connect to db
if dbResult['status'] != 'success':
print 'Could not connect to database',
sys.exit(1)
pmt_utils.exec_sql_file(db, filename)
def doDelete():
dbResult = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
if dbResult['status'] != 'success':
message='Could not connect to the database.\n%s' % dbResult['message']
onQueryLoad = "displayWindow('%s')" % message
exit(message)
db = dbResult['result']
sql = "SELECT member_username FROM project_members "
sql=sql+"WHERE id = '%s'" % (form['key_id'].value)
dbResult = pmt_utils.executeSQL(db, sql)
if dbResult['status'] != 'success':
messsage='Could not delete project member data'
onQueryLoad = "return displayWindow('%s')" % message
exit(message)
result = dbResult['result']
username = string.strip(result[0]['member_username'])
sql="DELETE FROM project_members WHERE id = '%s'" % (form["key_id"].value)
dbResult = pmt_utils.executeSQL(db, sql)
msg='/var/www/admin/%s.passwd' % (db_name)
deleteUserStatus, output=authentication.delete_pwd_entry(msg,username)
if (dbResult['status'] !='success') or (deleteUserStatus !='success'):
message='Could not delete project member data'
onQueryLoad = "return displayWindow('%s')" % message
exit(message)
sql = "DELETE FROM priviledges WHERE member_username='******'" % username
pmt_utils.executeSQL(db,sql)
message='Project member data successfully deleted'
onQueryLoad = "return displayWindow('%s')" % message
db.close()
query_project_members(1)
def validUserPass(username, password):
dbResult = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
# could not connect to db
if dbResult['status'] != 'success':
pmt_utils.htmlContentType()
print '<html>'
pmt_utils.alertsArea(form, "Can not connect to database")
sys.exit(1)
else:
db = dbResult['result']
status, details = db_authentication.password_valid(db,
crypt_salt=db_name,
username=username,
password=password)
return status
def verifyUserPass():
db = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
# could not connect to db
if db['status'] != 'success':
displayLogin("Can not connect to database,\n" + db['message'])
sys.exit(1)
status, details = db_authentication.password_valid(db['result'],
crypt_salt=db_name,
username=username,
password=password)
if status != 'success':
displayLogin(details)
sys.exit(1)
if pmt_utils.hasPriv(db['result'],username,'upload')==0:
displayLogin('User %s does not have upload privileges' % username)
sys.exit()
def create_db(self):
import declarations
dbResult = pmt_utils.connectDB(self.postgres_username,
self.postgres_password, self.db_name)
# could not connect to db
if dbResult['status'] != 'success':
# database does not exist so we do not have to backup
# table data from previous version of this database
print 'Could not connect to %s database, no db backup to perform.' % (
self.db_name),
else:
# else there is a database that exists with this name
db = dbResult['result']
# backup all tables to dat files
#pmt_utils.exec_sql_file(db, '%s_tables.backup' % (self.db_name))
db.close()
# destroy the previous version of this database
os.system('dropdb %s' % (self.db_name))
# connect to template database to get maximum user
# id in use at this time
dbResult = pmt_utils.connectDB(self.postgres_username,
self.postgres_password, 'template1')
if dbResult['status'] != "success":
print dbResult['message']
sys.exit(1)
db = dbResult['result']
queryResult = pmt_utils.executeSQL(
db, "SELECT MAX(usesysid) FROM pg_user")
if queryResult["status"] != 'success':
print queryResult["status"]
sys.exit(1)
result = queryResult['result']
user_id = result[0]['max']
user_id = user_id + 1
db.close()
# create database
os.system("createdb %s" % (self.db_name))
os.system("/usr/bin/destroyuser " + self.db_admin_username)
# print "Answer NO to the next prompt"
os.system("/usr/bin/createuser -D -A %s" % (self.db_admin_username))
user_id = user_id + 1
os.system("/usr/bin/destroyuser " + self.visitor_username)
# print "Answer NO to the next prompt"
os.system("/usr/bin/createuser -D -A %s" % (self.visitor_username))
dbResult = pmt_utils.connectDB(self.postgres_username,
self.postgres_password, self.db_name)
if dbResult['status'] != "success":
print dbResult['message']
sys.exit(1)
db = dbResult['result']
# queryResult = pmt_utils.executeSQL(db, "DELETE FROM pg_group WHERE groname = 'admins'")
# queryResult = pmt_utils.executeSQL(db, "INSERT INTO pg_group (groname, grosysid, grolist) VALUES ('admins', '1', '{1000}')")
#if queryResult["status"] != 'success':
# print queryResult["status"]
# sys.exit(1)
# queryResult = pmt_utils.executeSQL(db, "DELETE FROM pg_group WHERE groname = 'users'")
# queryResult = pmt_utils.executeSQL(db, "INSERT INTO pg_group (groname, grosysid, grolist) VALUES ('users', '2', '{2000}')")
# if queryResult["status"] != 'success':
# print queryResult["status"]
# sys.exit(1)
queryResult = pmt_utils.executeSQL(
db, "ALTER USER postgres WITH PASSWORD '%s'" %
(self.postgres_password))
if queryResult["status"] != 'success':
print queryResult['message']
sys.exit(1)
queryResult = pmt_utils.executeSQL(
db, "ALTER USER %s WITH PASSWORD '%s'" %
(self.db_admin_username, self.db_admin_password))
if queryResult["status"] != 'success':
print queryResult['message']
sys.exit(1)
queryResult = pmt_utils.executeSQL(
db, "ALTER USER %s WITH PASSWORD '%s'" %
(self.visitor_username, self.visitor_password))
if queryResult["status"] != 'success':
print queryResult['message']
sys.exit(1)
queryResult = pmt_utils.create_tables(db, declarations.define_tables(),
1)
if queryResult["status"] != 'success':
print queryResult['message']
sys.exit(1)
pmt_utils.exec_sql_file(db, self.db_name + '.tables')
grantList = []
privileges = declarations.table_privileges()
for table_name in privileges.keys():
for user_name in privileges[table_name].keys():
grantStatement = "GRANT "
for privilege in privileges[table_name][user_name]:
grantStatement = grantStatement + privilege + ", "
grantStatement = grantStatement[:
-2] + " ON " + table_name + " TO " + user_name
grantList.append(grantStatement)
# grant all privileges to the db admin
grantList.append("GRANT ALL ON " + table_name + " TO " +
self.db_admin_username)
queryResult = pmt_utils.executeSqlItemList(db, grantList, 1)
if queryResult["status"] != 'success':
print "Failed to execute all GRANTS"
sys.exit(1)
def add_user(self, username, password):
self.username = username
self.password = password
if self.prompt and username == None:
while 1:
print "Enter the new username: "******"":
break
else:
print "You must enter a username"
else:
if username != None:
self.username = string.strip(username)
if self.prompt and self.password == None:
while 1:
self.password = getpass.getpass(
prompt='Enter the password for the new user: '******'error'
dbResult = pmt_utils.connectDB(self.postgres_username,
self.postgres_password, self.db_name)
if dbResult['status'] != "success":
print dbResult['message']
return 'error'
self.db = dbResult['result']
queryResult = pmt_utils.executeSQL(
self.db, "SELECT count(*) FROM pg_user WHERE usename = '%s'" %
(self.username))
result = queryResult['result']
rows_which_match = result[0]["count"]
if rows_which_match != 0:
print 'User already exists'
return 'Error'
if queryResult["status"] != 'success':
print queryResult["status"]
return 'error'
queryResult = pmt_utils.executeSQL(
self.db, "SELECT MAX(usesysid) FROM pg_user")
if queryResult["status"] != 'success':
print queryResult["status"]
return 'error'
result = queryResult['result']
user_id = result[0]['max']
user_id = user_id + 1
self.db.close()
print "Answer NO to the next prompt"
os.system("/usr/bin/createuser -i %d -D -U %s" %
(user_id, self.username))
dbResult = pmt_utils.connectDB(self.postgres_username,
self.postgres_password, self.db_name)
if dbResult['status'] != "success":
print dbResult['message']
return 'error'
self.db = dbResult['result']
queryResult = pmt_utils.executeSQL(
self.db,
"ALTER USER %s WITH PASSWORD %s" % (self.username, self.password))
if queryResult["status"] != 'success':
print queryResult['message']
return 'error'
grantList = []
privileges = declarations.table_privileges()
for table_name in privileges.keys():
for user_name in privileges[table_name].keys():
grantStatement = "GRANT "
for privilege in privileges[table_name][user_name]:
grantStatement = grantStatement + privilege + ", "
grantStatement = grantStatement[:
-2] + " ON " + table_name + " TO " + self.username
grantList.append(grantStatement)
grantList.append("GRANT ALL ON pai_id_seq TO %s" % (self.username))
grantList.append("GRANT ALL ON project_members_id_seq TO %s" %
(self.username))
queryResult = pmt_utils.executeSqlItemList(self.db, grantList, 1)
if queryResult["status"] != 'success':
print "Failed to execute all GRANTS"
return 'error'
self.db.close()
return 'success'
form = pmt_utils.getFormData()
db_name=declarations.pmt_info['db_name']
username,password=pmt_utils.getUserPass(form)
print "<HTML>"
print "<HEAD>"
pmt_utils.title("Edit Project Options")
print "</HEAD>"
pmt_utils.bodySetup()
pmt_utils.mainHeading("Project Option Manager")
pmt_utils.subHeading("Add/Delete Options")
if username!=None:
dbResult=pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
if dbResult['status'] != 'success':
message="Can not connect to database,\n" + dbResult['message']
pmt_utils.alertsArea(form,message)
sys.exit()
db=dbResult['result']
verifyUserPass(db)
message=''
if form.has_key('add'):
message=addOption(db)
def doUpload():
email_msg=html_msg=''
dbResult = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
# could not connect to db
if dbResult['status'] != 'success':
upload_results('Can not verify you as a valid user<BR>',
'Can not verify you as a valid user', form)
sys.exit()
db = dbResult['result']
# check for valid login
status, details =db_authentication.password_valid(db,
crypt_salt=db_name,
username=username,
password=password)
if status != 'success':
pmt_utils.bodySetup()
pmt_utils.alerts(form, 'Can not verify username/password')
print '<hr><form method=post action=/%s-cgi-bin/upload.pyc>' % db_name
print '<input name=back value="Back to Upload" type=submit>'
print '</body>'
sys.exit()
if pmt_utils.hasPriv(db, username, 'upload')!=1:
pmt_utils.bodySetup()
pmt_utils.alerts(form, 'User %s does not have upload privileges' % username)
print '<hr><form method=post action=/%s-cgi-bin/upload.pyc>' % db_name
print '<input name=back value="Back to Upload" type=submit>'
print '</body>'
sys.exit()
# check for valid upload site
if not os.path.exists('/home/%s' % db_name):
html_msg=html_msg+"Upload site %s does not exist.<BR>" % db_name
html_msg=html_msg+"No archive file was uploaded.<BR>"
email_msg=email_msg+"Upload site %s does not exist.\n" % db_name
email_msg=email_msg+"No archive file was uploaded.\n"
upload_results(html_msg, email_msg, form)
sys.exit()
# format destination for upload
if not form.has_key('folder'):
destination = ''
else:
if form['folder'].value == '/':
destination = ''
else:
destination = form['folder'].value + '/'
if form.has_key('archive'):
# check for filesize is within allowable range
archive_size = len(form['archive'].value)
if archive_size == 0:
msg="Suspicious archive file size of 0. Upload aborted."
email_msg=email_msg+msg
html_msg=html_msg+msg+"<BR>"
upload_results(html_msg,email_msg,form)
sys.exit()
if archive_size > upload_ceiling:
html_msg = 'Archive file size exceeds maximum upload limit '
html_msg = html_msg + 'of %d bytes.<BR>' % (upload_ceiling)
html_msg = html_msg + 'Archive file size is %d bytes.<BR>' % (archive_size)
html_msg = html_msg + 'No archive file was uploaded.<BR>'
email_msg=string.replace(html_msg,"<BR>",'\n')
upload_results(html_msg, email_msg,form)
sys.exit()
archive_name = form['archive'].filename
archive_name = string.strip(archive_name)
# strip off leading \\,/,:
if string.rfind(archive_name,"\\") >= 0:
archive_name = archive_name[string.rfind(archive_name,"\\")+1:]
if string.rfind(archive_name,"/") >= 0:
archive_name = archive_name[string.rfind(archive_name,"/")+1:]
if string.rfind(archive_name,":") >= 0:
archive_name = archive_name[string.rfind(archive_name,":")+1:]
full_path='/home/' + db_name + '/documents/' + destination
full_path_name=full_path + archive_name
# write the archive to the website
try:
archive_file = open(full_path_name, "wb")
except IOError, exception_details:
html_msg = "No permissions to upload file to the website %s. " % db_name
html_msg = html_msg+"Uploaded aborted.<BR>"
html_msg = html_msg + 'File: '+full_path_name
email_msg=string.replace(html_msg,"<BR>",'\n')
email_msg=email_msg+'\nReason: ' + exception_details[1] + '\n\n'
upload_results(html_msg,email_msg,form)
sys.exit()
archive_file.write(form['archive'].value)
archive_file.close()
status, type_of_archive, icon = os_utils.file_type(full_path_name)
createDetails(archive_name, full_path)
# extract archive
if form.has_key('extract'):
if status == 'success':
archive_output=extract(type_of_archive,
full_path_name,full_path,
email_msg,html_msg)
else:
html_msg = 'Uploading unknown file type, in most cases this'
html_msg = html_msg+'is alright but the file should be checked'
email_msg='Upload to %s of an unknown file type.' % db_name
upload_results(html_msg,email_msg,form)
sys.exit()
else:
archive_output=''
status='success'
html_msg = '<TABLE BORDER=0>'
if os.environ.has_key('REMOTE_ADDR'):
html_msg = html_msg +'<TR><TD>Your IP Address:</TD>'
html_msg = html_msg +'<TD>%s</TD></TR>'%(os.environ['REMOTE_ADDR'])
html_msg = html_msg + '<TR><TD>Your browser I.D.:</TD>'
html_msg = html_msg + '<TD><B>%s</B></TD></TR>' % (browser)
fileSize=os.stat(full_path_name)[6]
if type_of_archive == 'TAR' or type_of_archive == 'ZIP':
html_msg = html_msg + '<TR><TD>Archive name is: </TD>'
html_msg = html_msg + '<TD>%s</TD></TR>' % (archive_name)
html_msg = html_msg + '<TR><TD>Archive file size (bytes): </TD>'
html_msg = html_msg + '<TD>%d</TD></TR></TABLE>' %(fileSize)
else:
html_msg = html_msg + '<TR><TD>Filename is: </TD>'
html_msg = html_msg + '<TD>%s</TD></TR>' % (archive_name)
html_msg = html_msg + '<TR><TD>File size (bytes): </TD>'
html_msg = html_msg + '<TD>%s</TD></TR></TABLE>' %(fileSize)
if type_of_archive == 'TAR' or type_of_archive == 'ZIP':
html_msg = html_msg + '<PRE>'
html_msg = html_msg + archive_output
html_msg = html_msg + '</PRE>'
if form.has_key('extract'):
html_msg=html_msg+'<CENTER><B>Your archive file has been uploaded '
html_msg = html_msg + 'and extracted successfully.</B></CENTER>'
else:
html_msg = html_msg + '<CENTER><B>Your file has been successfully '
html_msg = html_msg + 'uploaded.</B></CENTER>'
html_msg = html_msg+'<HR><CENTER><FONT SIZE="-1">'
html_msg = html_msg+"<form method=post action=/%s-cgi-bin/list_docs.pyc>" %db_name
html_msg=html_msg+'<input name=project_name type=hidden value="%s">'%db_name
html_msg = html_msg+"<input name=directory type=hidden "
html_msg = html_msg+'value="%s">' % form['folder'].value
html_msg = html_msg+'<input name=submit type=submit value="View Data Items">'
html_msg = html_msg+"</form>"
link = "http://%s" % (declarations.pmt_info['domain_name'])
html_msg = html_msg+'<CENTER><FONT SIZE="-1"><A HREF="%s">' % link
html_msg = html_msg+'%s</A></FONT></CENTER>'% declarations.pmt_info['domain_name']
if type_of_archive == 'TAR' or type_of_archive == 'ZIP':
email_msg=email_msg+'Archive file was uploaded to %s.\n' % db_name
email_msg=email_msg+'Archive file size (bytes): %d'%os.stat(full_path_name)[6]
email_msg=email_msg+'\nArchive file location: %s' % form['folder'].value
email_msg=email_msg+'\nArchive filename: %s\n' % archive_name
email_msg=email_msg+archive_output + '\n'
else:
email_msg = email_msg+'File was uploaded to %s.\n' % db_name
email_msg = email_msg+'File size (bytes): %d\n' % os.stat(full_path_name)[6]
email_msg = email_msg+'Filename: %s\n' % archive_name
email_msg = email_msg+"File location: %s\n" % form['folder'].value
email_msg = email_msg+archive_output + '\n'
if form.has_key('extract'):
os.remove(full_path_name)
def display_form(display_files=0,alerts=None):
print "<HTML>"
print "<HEAD>"
pmt_utils.javaScript("doc_maintenance")
pmt_utils.title("Documentation Maintenance")
print "</HEAD>"
pmt_utils.bodySetup()
pmt_utils.mainHeading('Documentation Maintenance')
pmt_utils.subHeading('Create and Delete Folders/Files')
pmt_utils.formSetup("doc_maintenance",db_name,"doc_maintenance",None)
dbResult=pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
if dbResult['status']!='success':
exit(dbResult['message'])
db=dbResult['result']
status,details = db_authentication.password_valid(db,
crypt_salt=db_name,
username=username,
password=password)
if status!='success':
exit(details)
if not pmt_utils.hasPriv(db,username,'folder_admin'):
msg="User %s does not have folder maintenance priviledges" % username
exit(msg)
print '<hr><br><CENTER><B>Delete Folders/Files</B></CENTER>'
stripped_db=string.lower(string.strip(db_name))
os.chdir(os.path.join('/home',stripped_db,'documents'))
file_list = os_utils.walk_list_files(
directory_name='.',
list_only_files=0,
exclude_list = [],
include_file_type=1)
if len(file_list) > 25:
list_size = 25
else:
list_size = len(file_list)
print '<BLINK><B>WARNING:</B></BLINK><br>'
print 'Any folders or files that you select for deletion are '
print 'permanently deleted. You should have a local backup of '
print 'any folders/files you delete in case you really did not mean '
print 'to delete. Backups are crucial. You have been warned.'
print '<p>Selecting a folder will delete the folder and all files '
print 'under it including sub folders. '
print 'Select folder names with caution.'
print '<p>Your deletes will not be confirmed. '
print 'When you press [Delete Folders/Files] your files are deleted.'
print '<BR><CENTER><B>Select folders/files to delete</B>:<BR>'
print '<SELECT NAME="files_to_remove" SIZE="8" MULTIPLE>'
for curfile in file_list:
print '<OPTION>%s' % (curfile)
print "</SELECT><br>"
java_call="return execute('delete_folder','1')"
print '<input name="delete_folder" type="button" '
print 'value=" Delete Folders/Files " onClick="%s">' % java_call
print '<input name ="website_name_hidden" '
print 'type="hidden" value="%s">' % (db_name)
print "<hr><BR><BR>"
print '<CENTER><B>Create Folder</B></CENTER><BR>'
print '<B>Folder Name</B>: '
print '<input name="folder" type="text" size="50" maxlength="100"><BR>'
java_call="return execute('create','1')"
print '<input name="create" type="button" '
print 'value=" Create Folder " onClick="%s">' % java_call
print '<input name ="website_name_hidden" '
print 'type="hidden" value="%s"><hr>' % (db_name)
if alerts != None:
pmt_utils.alertsArea(form,alerts)
print '</CENTER>'
pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
pmt_utils.textbox(None, 'key_id', '1', '10', '10', None, None,'hidden')
print '</form>'
print '<p align="right">'
print '<A HREF="mailto:[email protected]">Contact Support Team</a>'
print "</body></html>"
def doSave():
table_data = declarations.define_tables()
print "<HTML>"
print "<HEAD>"
pmt_utils.generate_form_javascript(table_data, 'project_info',
'project_admin', 0)
pmt_utils.title("Project Info Administration")
print "</HEAD>"
pmt_utils.bodySetup()
pmt_utils.mainHeading('Project Info Administration')
pmt_utils.subHeading('Edit Project Info')
pmt_utils.formSetup("project_admin", db_name, "project_admin",
"return submitForm(document.project_admin)")
dbResult = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
if dbResult['status'] != 'success':
msg = "Project Info could not be saved, could not connect to db\n"
pmt_utils.alertsArea(form, msg + dbResult['message'])
# generate function button row
project_adminButtons('save')
# generate hidden fields for form
pmt_utils.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')
print "</FORM>"
pmt_utils.trailer(table_data, db)
db.close()
print "</BODY>"
print "</HTML>"
return
db = dbResult['result']
# save the Form
dbResult = pmt_utils.saveForm(table_data, db, None, "project_info",
" WHERE id = '1'", form)
# if the form was not successfully saved
if dbResult['status'] != 'success':
msg = "Project Info could not be saved due to an error during save,\n"
pmt_utils.alertsArea(form, msg + dbResult['message'])
else:
table_data = declarations.define_tables()
table_data = pmt_utils.formToTableData(table_data, 'project_info',
form)
table_data['project_info']['id']['value'] = '1'
pmt_utils.display_form(table_data, 'project_info', 1, 'useValues', 1,
db)
pmt_utils.alertsArea(form, "Project Info successfully saved")
# generate function button row
project_adminButtons('save')
# generate hidden fields for form
pmt_utils.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')
print "</FORM>"
pmt_utils.trailer(table_data, db)
db.close()
print "</BODY>"
print "</HTML>"
def create_database(site_name, pg_password):
# Import the new declarations file
# Create the database
# Create the db user and set password
# Connect to the database as the new user and create the tables
# Set permissions
# Customize and run pmt_site.tables file
print "Creating %s database" % site_name
import declarations
db_name = declarations.pmt_info['db_name']
username = declarations.pmt_info['browser_username']
password = declarations.pmt_info['browser_password']
os.system('createdb -U postgres -q %s >> log.txt 2>> log.txt' % db_name)
os.system('createuser -U postgres -q -D -A %s >> log.txt 2>> log.txt' %
username)
db = pmt_utils.connectDB('postgres', pg_password, db_name)
sqlStatement = "ALTER USER %s WITH PASSWORD '%s'" % (username, password)
pmt_utils.executeSQL(db['result'], sqlStatement)
db = pmt_utils.connectDB(username, password, db_name)
if db['status'] != 'success':
print dbResult['message']
sys.exit(1)
db = db['result']
dbCreate = pmt_utils.create_tables(db, declarations.define_tables(), 0)
if dbCreate['status'] != 'success':
print 'Could not create DB'
sys.exit()
# Create sequences
seqList = ['project', 'pai', 'task', 'spr', 'ecp', 'project_members']
for seq in seqList:
sqlStatement = "CREATE SEQUENCE %s_id_seq START 1" % seq
pmt_utils.executeSQL(db, sqlStatement)
# Grant privileges specified in declarations
privs = declarations.table_privileges()
for table_name in privs.keys():
sqlStatement = "GRANT "
for user in privs[table_name].keys():
for privilege in privs[table_name][user]:
sqlStatement = sqlStatement + privilege + ', '
sqlStatement = sqlStatement[:-2] + ' ON ' + table_name + ' TO ' + user
#print sqlStatement
pmt_utils.executeSQL(db, sqlStatement)
# Customize file, run it, then change it back
os.system('vi -c %s/pmt_usr/%s/g -c wq pmt_site.tables' % ('%s', username))
os.system("psql %s %s -f 'pmt_site.tables' >> log.txt" %
(db_name, username))
#pmt_utils.exec_sql_file(db,'pmt_site.tables')
os.system('vi -c %s/%s/pmt_usr/g -c wq pmt_site.tables' % ('%s', username))
return db
def doEdit():
table_data = declarations.define_tables()
print "<HTML>"
print "<HEAD>"
pmt_utils.generate_form_javascript(table_data, 'project_info',
'project_admin', 0)
pmt_utils.title("Project Info Administration")
print "</HEAD>"
pmt_utils.bodySetup()
pmt_utils.mainHeading('Project Info Administration')
pmt_utils.subHeading('Edit Project Info')
pmt_utils.formSetup("project_admin", db_name, "project_admin",
"return submitForm(document.project_admin)")
dbResult = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
if dbResult['status'] != 'success':
msg = "Could not connect to the database\n"
pmt_utils.alertsArea(form, msg + dbResult['message'])
sys.exit()
db = dbResult['result']
status, details = db_authentication.password_valid(db,
crypt_salt=db_name,
username=username,
password=password)
if status != 'success':
print '<form method=post action=/%s-cgi-bin/project_admin.pyc>' % db_name
pmt_utils.usernamePasswordDisplay(username)
pmt_utils.alertsArea(form, 'Can not verify you as a valid user')
print '<hr><input name=reload type=submit value="Query">'
print '<input name=action value=edit type=hidden>'
print '</form>'
sys.exit()
if pmt_utils.hasPriv(db, username, 'project_data') != 1:
print '<form method=post action=/%s-cgi-bin/project_admin.pyc>' % db_name
pmt_utils.usernamePasswordDisplay(username)
msg = 'User %s does not have project admin privileges' % username
pmt_utils.alertsArea(form, msg)
print '<hr><input name=reload type=submit value="Query">'
print '<input name=action value=edit type=hidden>'
print '</form>'
sys.exit()
sqlStatement = pmt_utils.selectAllColumnsSqlStatement(
table_data, 'project_info', '1')
dbResult = pmt_utils.executeSQL(db, sqlStatement)
if dbResult['status'] != 'success':
msg = "Could not retrieve project info to edit\n"
pmt_utils.alertsArea(form, msg + dbResult['message'])
else:
result = dbResult['result']
table_data = pmt_utils.dbToTableData(table_data, 'project_info',
result[0])
table_data['project_info']['id']['value'] = '1'
pmt_utils.display_form(table_data, 'project_info', 1, 'useValues', 1,
db)
pmt_utils.alertsArea(form, "Project Info retrieved successfully")
project_adminButtons('save')
pmt_utils.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')
print "</FORM>"
pmt_utils.trailer(table_data, db)
db.close()
print "</BODY>"
print "</HTML>"
def edit_project_info(performDbQuery=0, onLoad=None, queryFields=None):
table_data = declarations.define_tables()
print "<HTML>"
print "<HEAD>"
pmt_utils.javaScript("project_admin")
pmt_utils.title("Project Administration")
print "</HEAD>"
pmt_utils.bodySetup(onLoad)
pmt_utils.mainHeading('Project Administration')
pmt_utils.subHeading('Project Info')
pmt_utils.formSetup("project_admin", db_name, "project_admin",
"return submitForm(document.project_admin)")
if username == None:
pmt_utils.usernamePasswordDisplay()
project_adminButtons(button_name='edit')
pmt_utils.textbox(None, 'key_id', '1', '10', '10', None, None,
'hidden')
pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')
print "</FORM>"
try:
pmt_utils.trailer(table_data, db)
db.close()
except NameError:
pass
print "</BODY>"
print "</HTML>"
return
dbResult = pmt_utils.connectDB(declarations.pmt_info['browser_username'],
declarations.pmt_info['browser_password'],
declarations.pmt_info['db_name'])
# could not connect to db
if dbResult['status'] != 'success':
pmt_utils.alertsArea(
form, "Can not connect to database,\n" + dbResult['message'])
project_adminButtons()
print "</FORM>"
try:
pmt_utils.trailer(table_data, db)
db.close()
except NameError:
pass
print "</BODY>"
print "</HTML>"
return
db = dbResult['result']
status, details = db_authentication.password_valid(db,
crypt_salt=db_name,
username=username,
password=password)
if status != 'success':
print '<form method=post action=/%s-cgi-bin/project_admin.pyc>' % db_name
pmt_utils.usernamePasswordDisplay(username)
pmt_utils.alertsArea(form, 'Can not verify you as a valid user')
print '<hr><input name=reload type=submit value="Query">'
print '<input name=action value=edit type=hidden>'
print '</form>'
sys.exit()
if pmt_utils.hasPriv(db, username, 'project_data') != 1:
print '<form method=post action=/%s-cgi-bin/project_admin.pyc>' % db_name
pmt_utils.usernamePasswordDisplay(username)
msg = 'User %s does not have project admin privileges>' % username
pmt_utils.alertsArea(form, msg)
print '<hr><input name=reload type=submit value="Query">'
print '<input name=action value=edit type=hidden>'
print '</form>'
sys.exit()
if form.has_key('key_id'):
key_id = form['key_id'].value
else:
key_id = '1'
sqlStatement = pmt_utils.selectAllColumnsSqlStatement(
table_data, 'project_info', key_id)
dbResult = pmt_utils.executeSQL(db, sqlStatement)
if dbResult['status'] != 'success':
msg = "Could not retrieve project information\n" + dbResult['message']
pmt_utils.alertsArea(form, msg)
else:
result = dbResult['result']
table_data = pmt_utils.dbToTableData(table_data, 'project_info',
result[0])
table_data['project_info']['id']['value'] = '1'
pmt_utils.display_form(table_data, 'project_info', 1, 'useValues', 1,
db)
pmt_utils.alertsArea(form,
"Project Information retrieved successfully")
project_adminButtons(button_name='save')
pmt_utils.textbox(None, 'key_id', '', '10', '10', None, None, 'hidden')
pmt_utils.textbox(None, 'action', '', '10', '10', None, None, 'hidden')
pmt_utils.textbox(None, 'item_no', '', '8', '8', None, None, 'hidden')
print "</FORM>"
try:
pmt_utils.trailer(table_data, db)
db.close()
except NameError:
pass
print "</BODY>"
print "</HTML>"
