def login(): if session.get("user-token", None): return sender.Forbidden("Already logged in! Logout first") username = request.json.get("username", None) password = request.json.get("password", None) database = request.json.get("database", None) if database == "": database = "postgres" request.json["database"] = database host = request.json.get("host", None) port = request.json.get("port", None) if not (username and password and host and port): return sender.BadRequest("Missing parameters") connstring = "dbname='{}' user='******' host='{}' password='******' port={}".format( database, username, host, password, port) try: conn = psycopg2.connect(connstring) conn.set_session(autocommit=True) except Exception as e: return sender.Forbidden("Recheck credentials") conndict = request.json conndict.pop("password") # Add object to session session["user-token"] = setConnection([conn, conndict]) return sender.OK("Logged in", session["user-token"])
def logout(): # Check if logged in if "user-token" in session: closeConnection(session["user-token"]) session.pop("user-token") return sender.OK("Logged out!") else: return sender.Forbidden("Login first!")
def drop_schema(): name = request.json.get('schema', None) if not name: return sender.BadRequest("missing field: schema") not_allowed = ["pg_toast", "pg_catalog", "public", "information_schema"] if name in not_allowed: return sender.Forbidden("Not allowed") curr = getConnection(session["user-token"])[0].cursor() query = "DROP SCHEMA \"{}\";".format(name) try: curr.execute(query) return sender.OK("Schema {} successfully dropped!".format(name)) except Exception as e: return sender.Error(str(e))
def rename_schema(): name = request.json.get('schema', None) new_name = request.json.get('new_name', None) if not name or not new_name: return sender.BadRequest() not_allowed = ["pg_toast", "pg_catalog","public","information_schema"] if name in not_allowed: return sender.Forbidden("Not allowed") curr = getConnection(session["user-token"])[0].cursor() query = "ALTER SCHEMA \"{}\" RENAME TO \"{}\";".format(name, new_name) try: curr.execute(query) return sender.OK("Schema {} successfully renamed to {}!".format(name, new_name)) except Exception as e: return sender.Error(str(e))
def drop_table(): schema = request.json.get("schema", None) name = request.json.get("table", None) if not name: return sender.BadRequest() not_allowed = ["pg_toast", "pg_catalog", "information_schema"] if not schema: schema = "public" if schema in not_allowed: return sender.Forbidden("Not allowed") curr = getConnection(session["user-token"])[0].cursor() query = "DROP TABLE \"{}\".\"{}\";".format(schema, name) try: curr.execute(query) return sender.OK("Table {} successfully dropped".format(name)) except Exception as e: return sender.Error(str(e))
def rename_table(): schema = request.json.get("schema", None) name = request.json.get("table", None) new_name = request.json.get("new_name", None) if not name or not new_name: return sender.BadRequest() not_allowed = ["pg_toast", "pg_catalog", "information_schema"] if not schema: schema = "public" if schema in not_allowed: return sender.Forbidden("Not allowed") curr = getConnection(session["user-token"])[0].cursor() query = """ALTER TABLE {}.{} RENAME TO \"{}\"""".format(schema, name, new_name) try: curr.execute(query) return sender.OK("Table {} successfully renamed to {}".format( name, new_name)) except Exception as e: return sender.Error(str(e))