def dismiss_action(username, mail):
    """Reject a pending request: notify the applicant, then delete the row.

    Reads the e-mail stored in ``Pending`` for *username*, calls
    ``em.notify_user`` with the ``'del'`` tag and removes the Pending row.
    Always returns 0.
    """
    # SECURITY: `username` is spliced into the SQL text with str.format, so a
    # quote character in it changes the statement (SQL injection). db.query's
    # signature is not visible here; if it accepts bound parameters, pass the
    # value that way instead of formatting it in.
    lookup_sql = "select email, id from Pending where username = '{0}'".format(username)
    # NOTE(review): [0][0] raises IndexError when no Pending row matches.
    pending_email = db.query(lookup_sql)[0][0]
    em.notify_user(mail, username, pending_email, 'del')
    delete_sql = "delete from Pending where username = '{0}'".format(username)
    db.query(delete_sql)
    return 0
def authorize_dean_action(name, authorizer, mail):
    """Record who authorized a pending request and notify the applicant.

    Reads the applicant's e-mail from ``Pending``, calls ``em.notify_user``
    with the ``'dean'`` tag, then writes *authorizer* into
    ``Pending.authorized_by``. Always returns 0.
    """
    # SECURITY: both `name` and `authorizer` are formatted straight into SQL
    # text (SQL injection if either can contain a quote). db.query's parameter
    # support is not visible here; bind the values if it allows it.
    lookup_sql = "select email, id from Pending where username = '{0}'".format(name)
    # NOTE(review): [0][0] raises IndexError when `name` has no Pending row.
    applicant_email = db.query(lookup_sql)[0][0]
    # The notification goes out before the update below is executed.
    em.notify_user(mail, name, applicant_email, 'dean')
    update_sql = "update Pending set authorized_by = '{0}' where username = '{1}'".format(
        authorizer, name)
    db.query(update_sql)
    return 0
def remove_bonus(user, bonus, comment, group, page, month, year):
    """Delete one QuotaBonus row and redirect back to the index view.

    Without a 'user' entry in ``cookies`` the caller is redirected to
    'start' and nothing is deleted.
    """
    if cookies.contains('user'):
        # NOTE(review): only the presence of a session user is checked here;
        # no role or ownership check is visible in this function (compare
        # delete_local_phone, which tests is_root). Confirm that whoever may
        # reach this is allowed to remove a bonus of an arbitrary `user`.
        #
        # SECURITY: user, bonus and comment are formatted into the SQL text
        # (SQL injection). db.query's parameter support is not visible here;
        # bind the values if it allows it.
        delete_sql = (
            "delete from QuotaBonus where UserName = '{0}' "
            "and Bonus = '{1}' and Comment = '{2}'"
        ).format(user, bonus, comment)
        db.query(delete_sql)
        target = url_for('index',
                         user=user,
                         group=group,
                         page=page,
                         month=month,
                         year=year)
        return redirect(target)
    return redirect(url_for('start'))
def delete_local_phone(phone, description):
    """Delete a local_phones row; restricted to callers flagged is_root.

    Redirects to 'start' when there is no 'user' in ``cookies``, to the
    caller's own index page when the is_root flag is falsy, and to
    'local_phones' after the delete.
    """
    if not cookies.contains('user'):
        return redirect(url_for('start'))
    # NOTE(review): the privilege decision rests on cookies.get('roles').
    # What backs `cookies` is not visible here; if it is client-held state it
    # must be integrity-protected, otherwise re-derive the role server-side.
    is_root = cookies.get('roles')['is_root']
    if not is_root:
        index_args = {
            'user': cookies.get('user'),
            'group': cookies.get('group'),
            'page': 1,
            'month': datetime.now().month,
            'year': datetime.now().year,
        }
        return redirect(url_for('index', **index_args))
    # SECURITY: phone and description are formatted into the SQL text
    # (SQL injection). db.query's parameter support is not visible here;
    # bind the values if it allows it.
    delete_sql = (
        "delete from local_phones where phone = '{0}' and description = '{1}'"
    ).format(phone, description)
    db.query(delete_sql)
    return redirect(url_for('local_phones'))
def insert_new_user(data):
    """Insert one row into ``Users`` from an 11-item sequence.

    *data* is unpacked positionally as (UserName, Name, Password, Area, id,
    email, address, phone, notes, GroupName, autorizo_hasta); any other
    length raises ValueError at the unpack. Returns whatever
    ``db.query(sql, False)`` returns.
    """
    (username, full_name, password, area, id_number, email_addr,
     address, phone, notes, group_name, authorized_until) = data
    # SECURITY: all eleven values are formatted into the SQL text, so any of
    # them containing a quote alters the statement (SQL injection). db.query's
    # parameter support is not visible here; bind the values if it allows it.
    # NOTE(review): `password` is stored exactly as received -- confirm the
    # caller has already hashed it.
    template = (
        "insert into Users (UserName, Name, Password, Area, id, email, address, phone, notes, GroupName, autorizo_hasta) "
        "values ('{0}', '{1}', '{2}', '{3}', '{4}', '{5}', '{6}', '{7}', '{8}', '{9}', '{10}')"
    )
    statement = template.format(username, full_name, password, area, id_number,
                                email_addr, address, phone, notes, group_name,
                                authorized_until)
    return db.query(statement, False)
def get_bonus(username):
    """Return the (Bonus, UserName) rows of *username* that expire after today.

    "Today" is ``datetime.now().date()`` rendered as an ISO date and compared
    as a string against ``date_format(Expires, "%Y-%m-%d")``.
    """
    today = datetime.now().date().isoformat()
    # SECURITY: `username` is formatted into the SQL text (SQL injection).
    # db.query's parameter support is not visible here; bind the value if it
    # allows it. `today` is generated locally and carries no caller input.
    template = (
        "select Bonus,UserName from QuotaBonus where UserName = '{0}' "
        'and date_format(Expires, "%Y-%m-%d") > '
        "'{1}'"
    )
    return db.query(template.format(username, today))
def local_phones():
    """List local phones, or add one on POST; restricted to is_root callers.

    Redirects to 'start' without a session user and to the caller's index
    page when the is_root flag is falsy. A POST inserts the submitted
    phone/description pair and redirects back here; any other method renders
    'local.html' with every local_phones row.
    """
    if not cookies.contains('user'):
        return redirect(url_for('start'))
    # NOTE(review): the privilege decision rests on cookies.get('roles').
    # What backs `cookies` is not visible here; if it is client-held state it
    # must be integrity-protected, otherwise re-derive the role server-side.
    if not cookies.get('roles')['is_root']:
        index_args = {
            'user': cookies.get('user'),
            'group': cookies.get('group'),
            'page': 1,
            'month': datetime.now().month,
            'year': datetime.now().year,
        }
        return redirect(url_for('index', **index_args))
    if request.method != 'POST':
        rows = db.query('select * from local_phones')
        return render_template('local.html', word=get_words, data=rows)
    # SECURITY: request.form values are untrusted request data and are
    # formatted directly into the SQL text here (SQL injection). db.query's
    # parameter support is not visible in this file section; bind both values
    # if it allows it, and validate the phone format before storing.
    insert_sql = (
        "insert into local_phones (phone, description) values ('{0}','{1}')"
    ).format(request.form['phone'], request.form['description'])
    db.query(insert_sql)
    return redirect(url_for('local_phones'))
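def profile(user):
    """Show a user's profile page and process the forms posted to it.

    Flow, in order:
      * no 'user' entry in ``cookies`` -> redirect to 'start';
      * ``profile_ctr.check_role_permissions`` returns a truthy value ->
        redirect to the caller's own index page;
      * POST containing 'bonus' -> validate and store a quota bonus, flash
        the outcome, redirect back to this profile;
      * any other POST -> field modification / profile save through
        ``profile_ctr``, then redirect back to this profile;
      * otherwise -> render 'profile.html'.
    """
    if not cookies.contains('user'):
        return redirect(url_for('start'))
    profile_ctr.set_cookies(cookies)
    # NOTE(review): [0] raises IndexError when `user` has no profile row.
    info = login.get_profile_data(user)[0]
    if profile_ctr.check_role_permissions(user, info, cookies):
        return redirect(
            url_for('index',
                    user=cookies.get('user'),
                    group=cookies.get('group'),
                    page=1,
                    month=datetime.now().month,
                    year=datetime.now().year))
    (current, rest) = profile_ctr.current_roles(user)
    if request.method == 'POST':
        form = request.form
        if 'bonus' in form:
            granted = False
            if form['until'] != '' and form['comment'] != '':
                # A malformed date is a validation failure, not a server
                # error: strptime raises ValueError on it.
                try:
                    until = datetime.strptime(form['until'], '%Y-%m-%d')
                except ValueError:
                    until = None
                # isdecimal() rather than isnumeric(): isnumeric() accepts
                # characters such as superscripts and fractions that int()
                # then rejects with ValueError.
                if (until is not None and form['bonus'].isdecimal()
                        and int(form['bonus']) > 0
                        and until > datetime.today()):
                    seconds = time_conversion.hours_to_seconds(
                        int(form['bonus']))
                    # NOTE(review): comment and until are request data passed
                    # on as-is; make sure add_quota_bonus does not splice
                    # them into SQL text.
                    profile_ctr.add_quota_bonus(user, seconds,
                                                form['comment'],
                                                form['until'])
                    granted = True
            if granted:
                flash(msg.request_sent_successfully(cookies.get('lang')))
            else:
                flash('error')
            return redirect(url_for('profile', user=user))
        flags = Cookies(cookies.get('is_field_mod'))
        profile_ctr.set_flags(flags, form)
        if profile_ctr.execute_if_modification(user, flags, form):
            return redirect(url_for('profile', user=user))
        # The result text is bound to `message`, not `msg`: assigning to `msg`
        # anywhere in this function makes it a local name for the whole body,
        # so the msg.request_sent_successfully(...) call in the bonus branch
        # above raised UnboundLocalError.
        (_, message) = profile_ctr.save_profile_action(user, form, info[-1],
                                                       cookies)
        if not message == '':
            flash(message)
        return redirect(url_for('profile', user=user))
    # SECURITY: info[2] comes back from the profile query and is formatted
    # into SQL text again, so a stored value containing a quote would alter
    # this statement (second-order SQL injection). db.query's parameter
    # support is not visible here; bind the value if it allows it.
    info[2] = db.query(
        "select areaname from Areas where area = '{0}'".format(
            info[2]))[0][0]
    return render_template(
        'profile.html',
        word=get_words,
        data=info,
        rol=current,
        roles=rest,
        user=user,
        group=login.get_basic_info(user)[0][-1],
        is_modifyer=(info[0] == cookies.get('user')
                     or not (cookies.get('roles')['is_dean']
                             or cookies.get('roles')['is_ddi'])),
        mod_pwd=cookies.get('modify'),
        flags=cookies.get('is_field_mod'))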
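def check_info(e_addr, mail, lang='es'):
    """Look up the account registered for *e_addr* and mail it a new password.

    Returns a ``(ok, text)`` tuple: ``(False, <not-found text>)`` when no
    Users row has that e-mail, ``(False, 'Error. Intente luego')`` when
    sending fails, and ``(True, <check-your-email text>)`` otherwise.
    """
    # SECURITY: `e_addr` is formatted into the SQL text (SQL injection).
    # db.query's parameter support is not visible here; bind the value if it
    # allows it.
    result = db.query(
        "select username, id from Users where email = '{0}'".format(e_addr))
    if len(result) == 0:
        # `user` is only bound further down, so referencing it here raised
        # UnboundLocalError. The address that was looked up is the only
        # identifier available at this point.
        # NOTE(review): confirm msg.user_not_found accepts an e-mail address
        # as its first argument. The distinct not-found reply also lets a
        # caller learn whether an address is registered; consider a uniform
        # response if this backs a public form.
        return False, msg.user_not_found(e_addr, lang)
    (user, dni) = result[0]
    try:
        email.send_new_pass(mail, user, dni, e_addr)
    except Exception:
        # Was a bare `except:`, which also swallowed SystemExit and
        # KeyboardInterrupt. NOTE(review): the failure is not logged anywhere.
        return False, 'Error. Intente luego'
    return True, msg.check_your_email(lang)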
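def get_consumed(username, month, year):
    """Return the radacct sessions of *username* that started in a given month.

    Matches both ``<username>@uh.cu`` and the bare *username*. The window is
    [first day of *month*/*year*, first day of the month returned by
    ``time_conversion.next_date``), newest session first.
    """
    (next_year, next_month) = time_conversion.next_date(year, month)
    window_start = datetime(year, month, 1).date().isoformat()
    # Fix: the upper bound used to be formatted as a full datetime
    # ("YYYY-MM-DD 00:00:00") while the column side is a "%Y-%m-%d" string.
    # Compared as strings, "YYYY-MM-DD" sorts before "YYYY-MM-DD 00:00:00",
    # so sessions from the first day of the next month were included. Both
    # bounds are now plain ISO dates.
    window_end = datetime(next_year, next_month, 1).date().isoformat()
    # SECURITY: `username` is formatted into the SQL text twice (SQL
    # injection). db.query's parameter support is not visible here; bind the
    # value if it allows it. The two dates are generated locally.
    template = (
        "select UserName,AcctStartTime,AcctStopTime,CallingStationId,ConnectInfo_start,AcctSessionTime from radacct "
        "where (UserName = '{0}@uh.cu' or UserName = '{1}') "
        'and date_format(AcctStartTime, "%Y-%m-%d") >= ' "'{2}' "
        'and date_format(AcctStartTime, "%Y-%m-%d") < ' "'{3}' "
        "order by AcctStartTime desc"
    )
    return db.query(
        template.format(username, username, window_start, window_end))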
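def make_request(username, mail, form, lang):
    """Register an account request in ``Pending`` and mail the area's dean.

    Returns the string ``'error'`` when the web-service lookup yields -1,
    when no user of the applicant's area holds the 'dean' role, or when
    sending either mail fails; otherwise the localized success message.
    """
    crypted = cr.encrypt(form['password'])
    area = process_info(form['email'])
    result = userinfo.consume_webservice(form['email'])
    if result == -1:
        return 'error'
    (name, dni, address) = (form['fullname'], form['dni'], form['address'])
    # SECURITY: `area` and each coworker name are formatted into SQL text
    # below (SQL injection / second-order injection through stored names).
    # db.query's parameter support is not visible here; bind the values if it
    # allows it.
    coworkers = db.query(
        "select username, email from Users where area = '{0}'".format(area))
    # Only the first dean is used, so stop at the first match instead of
    # running the role query for every coworker.
    for (coworker, coworker_email) in coworkers:
        role_rows = db.query(
            "select (username) from DBRoles where roles = 'dean' "
            "and username = '{0}'".format(coworker))
        if len(role_rows) > 0:
            dean = coworker_email
            break
    else:
        return 'error'
    insert_into_pending(username, name, crypted, area, dni, form['email'],
                        address, form['phone'],
                        datetime.now().isoformat(), 'default', '')
    data = (name, form['email'], area, address)
    try:
        email.send_mail_to_dean(mail, username, dni, dean, data)
        email.notify_user(mail, username, form['email'], 'start')
    except Exception:
        # Was a bare `except:`, which also swallowed SystemExit and
        # KeyboardInterrupt. NOTE(review): the Pending row inserted above
        # stays in place when mailing fails, and the failure is not logged.
        return 'error'
    return msg.request_sent_successfully(lang)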
def update_auth(username, dni, author, mail):
    """Promote a pending request to a real account.

    Copies the Pending row of *username* into ``Users``, notifies the
    applicant with the ``'ddi'`` tag, grants the 'default' role in
    ``DBRoles`` and deletes the Pending row. Always returns 0.
    *dni* and *author* are accepted but not used in this function.
    """
    # SECURITY: `username`, and further down every column read back from
    # Pending, is formatted into SQL text. Stored values containing a quote
    # would alter the insert (second-order SQL injection). db.query's
    # parameter support is not visible here; bind the values if it allows it.
    pending_rows = db.query(
        "select * from Pending where username = '{}'".format(username))
    # NOTE(review): [0] raises IndexError when there is no Pending row, and
    # the unpack assumes exactly 11 columns in table order.
    (row_user, full_name, password, area, id_number, pending_email,
     address, phone, notes, group_name, _) = pending_rows[0]
    insert_template = (
        "insert into Users (UserName, Name, Password, Area, id, email, address, phone, notes, GroupName) "
        "values ('{0}', '{1}', '{2}', '{3}', '{4}', '{5}', '{6}', '{7}', '{8}', '{9}')"
    )
    db.query(
        insert_template.format(row_user, full_name, password, area, id_number,
                               pending_email, address, phone, notes,
                               group_name),
        False)
    em.notify_user(mail, username, pending_email, 'ddi')
    # NOTE(review): the three writes are issued as separate db.query calls;
    # no transaction is visible here, so a failure midway could leave the
    # user both in Users and in Pending.
    role_sql = "insert into DBRoles (username, roles) values ('{0}', '{1}')".format(
        username, 'default')
    db.query(role_sql)
    db.query("delete from Pending where username = '{}'".format(username))
    return 0
def insert_into_dbroles(user, rol):
    """Insert a (username, roles) row into ``DBRoles``.

    Returns whatever ``db.query(sql, False)`` returns.
    """
    # SECURITY: `user` and `rol` are formatted into the SQL text (SQL
    # injection). db.query's parameter support is not visible here; bind the
    # values if it allows it. Since this grants a role, `rol` should also be
    # checked against the set of known roles by the caller or here.
    statement = "insert into DBRoles (username, roles) values ('{0}', '{1}')".format(
        user, rol)
    return db.query(statement, False)
def get_areas():
    """Return the ``Area`` column of every row in ``Areas``."""
    # Constant statement: no caller-supplied text reaches the SQL here.
    statement = 'select Area from Areas'
    return db.query(statement)
def get_group_names():
    """Return ``GroupName`` for the radgroupcheck rows whose id is below 5."""
    # Constant statement: no caller-supplied text reaches the SQL here.
    # NOTE(review): the `id < 5` cut-off is hard-coded; its meaning is not
    # visible in this file section.
    statement = 'select GroupName from radgroupcheck where id < 5'
    return db.query(statement)
def get_users(category):
    """Return (UserName, Name, Area, email, phone) for all users, ordered.

    *category* is placed verbatim after ``order by``.
    """
    # SECURITY: `category` becomes part of the SQL grammar (an ORDER BY
    # expression), not a value, so bound parameters cannot protect it.
    # If it can come from a request, validate it against a fixed allow-list
    # of column names before it reaches this point.
    statement = 'select UserName, Name, Area, email, phone from Users order by {0}'.format(
        category)
    return db.query(statement)
def get_quota(groupname):
    """Return the (Value, GroupName) rows of radgroupcheck for *groupname*."""
    # SECURITY: `groupname` is formatted into the SQL text (SQL injection).
    # db.query's parameter support is not visible here; bind the value if it
    # allows it.
    statement = "select Value, GroupName from radgroupcheck where GroupName = '{0}'".format(
        groupname)
    return db.query(statement)
def get_roles(username):
    """Return the first (roles, username) row of ``DBRoles`` for *username*."""
    # SECURITY: `username` is formatted into the SQL text (SQL injection).
    # The result feeds role decisions, so a tampered statement here is an
    # authorization problem, not only a data one. db.query's parameter
    # support is not visible here; bind the value if it allows it.
    statement = "select roles, username from DBRoles where username= '{0}'".format(
        username)
    rows = db.query(statement)
    # NOTE(review): raises IndexError when the user has no DBRoles row.
    return rows[0]
def get_data():
    """Return ``(rows, headers)`` for the pending-requests listing.

    *rows* is the unfiltered result of ``get_pendings()``; *headers* is the
    column list of ``Pending`` minus 'password', 'authorized_by' and
    'groupname'.
    """
    hidden_columns = ('password', 'authorized_by', 'groupname')
    rows = get_pendings()
    # NOTE(review): only the header list is filtered. The rows come from
    # get_pendings() unchanged, so whatever columns that query returns
    # (password included, if it selects it) are still in `rows` -- confirm
    # the consumer does not render or expose them.
    headers = []
    for column in db.query('show columns in Pending'):
        if column[0] not in hidden_columns:
            headers.append(column[0])
    return (rows, headers)
def insert_into_pending(username, name, password, area, dni, email, address, phone, notes, group, auth):
    """Insert one row into ``Pending``.

    Returns whatever ``db.query(sql, False)`` returns.
    """
    # SECURITY: all eleven arguments are formatted into the SQL text, so a
    # quote in any of them alters the statement (SQL injection).
    # db.query's parameter support is not visible here; bind the values if
    # it allows it.
    template = (
        "insert into Pending (username, name, password, area, id, email, address, phone, notes, groupname, authorized_by) "
        "values('{0}','{1}','{2}','{3}','{4}','{5}','{6}','{7}','{8}','{9}','{10}')"
    )
    statement = template.format(username, name, password, area, dni, email,
                                address, phone, notes, group, auth)
    return db.query(statement, False)
def check_existance(username):
    """Return True when *username* is in neither ``Users`` nor ``Pending``."""
    # SECURITY: `username` is formatted into both statements (SQL injection).
    # db.query's parameter support is not visible here; bind the value if it
    # allows it.
    in_users = db.query(
        "select * from Users where Username='{}'".format(username))
    in_pending = db.query(
        "select * from Pending where Username='{}'".format(username))
    return not (len(in_users) != 0 or len(in_pending) != 0)
def check_pending(username, dni, author):
    """Return True when ``Pending`` has at least one row for *username*.

    *dni* and *author* are accepted but not used in this function.
    """
    # SECURITY: `username` is formatted into the SQL text (SQL injection).
    # db.query's parameter support is not visible here; bind the value if it
    # allows it.
    statement = "select * from Pending where username = '{}'".format(username)
    matches = db.query(statement)
    return len(matches) != 0
def check_email(mail):
    """Return True when *mail* is used in neither ``Users`` nor ``Pending``."""
    # SECURITY: `mail` is formatted into both statements (SQL injection).
    # db.query's parameter support is not visible here; bind the value if it
    # allows it.
    in_users = db.query("select * from Users where email='{}'".format(mail))
    in_pending = db.query(
        "select * from Pending where email='{}'".format(mail))
    return not (len(in_users) != 0 or len(in_pending) != 0)
def update_rol(user, rol):
    """Set ``DBRoles.roles`` to *rol* for *user*.

    Returns whatever ``db.query(sql, False)`` returns.
    """
    # SECURITY: `rol` and `user` are formatted into the SQL text (SQL
    # injection). Because this changes privileges, an altered WHERE clause
    # could re-role other accounts. db.query's parameter support is not
    # visible here; bind the values if it allows it, and check `rol` against
    # the known role names.
    statement = "update DBRoles set roles = '{0}' where username = '{1}'".format(
        rol, user)
    return db.query(statement, False)
def get_pendings():
    """Return every column of every row in ``Pending``."""
    # Constant statement: no caller-supplied text reaches the SQL here.
    # NOTE(review): `select *` returns all columns of Pending; callers that
    # display the rows should drop sensitive ones explicitly.
    statement = 'select * from Pending'
    return db.query(statement)
def add_quota_bonus(user, bonus, comment, until):
    """Insert a (username, bonus, comment, expires) row into ``QuotaBonus``."""
    # SECURITY: all four values are formatted into the SQL text (SQL
    # injection); `comment` in particular reads like free text. db.query's
    # parameter support is not visible here; bind the values if it allows it.
    template = (
        "insert into QuotaBonus (username, bonus, comment, expires) "
        "values('{0}','{1}','{2}','{3}')"
    )
    return db.query(template.format(user, bonus, comment, until))
def get_basic_info(username):
    """Return the (UserName, Password, GroupName) rows of *username*."""
    # SECURITY: `username` is formatted into the SQL text (SQL injection).
    # This query returns the Password column, so a tampered statement
    # exposes credentials directly. db.query's parameter support is not
    # visible here; bind the value if it allows it.
    statement = "select UserName, Password, GroupName from Users where UserName= '{0}'".format(
        username)
    return db.query(statement)
def update_profile_field(username, column, value):
    """Set one column of the ``Users`` row of *username* to *value*.

    Returns whatever ``db.query(sql, False)`` returns.
    """
    # SECURITY: `column` is an identifier placed into the SQL grammar, so
    # bound parameters cannot protect it -- check it against a fixed
    # allow-list of editable columns (otherwise a caller could target
    # Password or GroupName). `value` and `username` are formatted in as
    # values (SQL injection); db.query's parameter support is not visible
    # here, bind them if it allows it.
    statement = "update Users set {0} = '{1}' where UserName = '{2}'".format(
        column, value, username)
    return db.query(statement, False)
def get_profile_data(username):
    """Return the profile rows of *username* from ``Users``.

    Columns, in order: UserName, Name, Area, email, address, phone, id,
    Password.
    """
    # SECURITY: `username` is formatted into the SQL text (SQL injection).
    # db.query's parameter support is not visible here; bind the value if it
    # allows it.
    # NOTE(review): the Password column is returned along with the display
    # fields; callers that hand the row to a template should not pass it on.
    statement = (
        "select UserName, Name, Area, email, address, phone, id, Password "
        "from Users where Username = '{}'"
    ).format(username)
    return db.query(statement)
def update_password(username, password):
    """Overwrite ``Users.Password`` for *username*.

    Returns whatever ``db.query(sql, False)`` returns.
    """
    # SECURITY: `password` and `username` are formatted into the SQL text
    # (SQL injection); a quote in a legitimately chosen password also breaks
    # the statement. db.query's parameter support is not visible here; bind
    # the values if it allows it.
    # NOTE(review): `password` is stored exactly as received -- confirm the
    # caller has already hashed it.
    statement = "update Users set Password = '{0}' where UserName = '{1}'".format(
        password, username)
    return db.query(statement, False)