Exemplo n.º 1
0
def run(args, dbparams):
    import MySQLdb
    db=MySQLdb.connect(host=dbparams["host"], db=dbparams["db"], user=dbparams["user"], passwd=dbparams["passwd"])
    c=db.cursor()

    data = {}
    from au_user import getUserId
    user_id = getUserId(c, args['user'], args['password'])
    if user_id == -1:
        data['pass'] = '******'
        c.close()
        return data

    c.execute('SELECT name, admin, business FROM users WHERE pid=%s',
              (user_id,))
    res = c.fetchall()

    from au_user import booltostr
    data['users'] = []
    for item in res:
        user = {'name': item[0],
                'admin': booltostr(item[1]),
                'business': booltostr(item[2])}

        data['users'].append(user)
    data['pass'] = '******'
    c.close()
    return data
def run(args, dbparams):
    id = int(args['id'])

    import MySQLdb
    from au_user import getUserId, haveRight, haveProductRight, isUserParent, booltostr, \
            getCategoryParent, getProductParent, isCategoryOwner, isProductOwner

    db=MySQLdb.connect(host=dbparams["host"], db=dbparams["db"], user=dbparams["user"], passwd=dbparams["passwd"])
    c=db.cursor()

    user = getUserId(c, args['name'], args['password'])

    if args['container'] == 'true':
        c.execute("SELECT name, oid, mod_servant, mod_others FROM category WHERE id=%s", (id,))
        res = c.fetchone()
        data = {'name': res[0],
                'mod_servant': booltostr(res[2]),
                'mod_others': booltostr(res[3])}

        data['owner'] = 'false'
        data['parmod'] = 'false'
        data['modify'] = 'false'
        data['cantake'] = 'false'

        if user != -1:
            if isCategoryOwner(c, user, id):
                data['owner'] = 'true'
            if haveRight(c, user, id):
                data['modify'] = 'true'
            parent = getCategoryParent(c, id)
            if parent != 0 and haveRight(c, user, parent) and data['modify'] == 'true':
                data['parmod'] = 'true'
            if isUserParent(c, res[1], user):
                data['cantake'] = 'true'
        else:
            data['modify'] = 'false'
            data['parmod'] = 'false'
    else:
        c.execute("SELECT name, complex, secret, balt, rieb, angl, descr, linkdescr, "
                  "link, mod_servant, mod_others, oid "
                  "FROM product WHERE id=%s", (id,))
        res = c.fetchone()
        oid = res[11]

        data = {'name': res[0],
                'complex': booltostr(res[1]),
                'secret': booltostr(res[2]),
                'balt': str(res[3]),
                'rieb': str(res[4]),
                'angl': str(res[5]),
                'descr': res[6],
                'linkdescr': res[7],
                'link': res[8],
                'mod_servant': booltostr(res[9]),
                'mod_others': booltostr(res[10]),
                'unit_list': []}

        c.execute("SELECT un.name, u.weight FROM unit u, unitname un WHERE u.prid = %s AND u.unid = un.id",
                  (id,))
        res = c.fetchall()
        for item in res:
            unit = {'unit': item[0], 'weight': str(item[1])}
            data['unit_list'].append(unit)

        data['modify'] = 'false'
        data['owner'] = 'false'
        data['parmod'] = 'false'
        data['cantake'] = 'false'

        if user != -1:
            if haveProductRight(c, user, id):
                data['modify'] = 'true'

            if isProductOwner(c, user, id):
                data['owner'] = 'true'

            parent = getProductParent(c, id)
            if parent != 0 and haveRight(c, user, parent) and data['modify'] == 'true':
                data['parmod'] = 'true'

            if isUserParent(c, oid, user):
                data['cantake'] = 'true'
        else:
            data['modify'] = 'false'
            data['parmod'] = 'false'


    c.close()
    return data