def poner_pista(obra_id=None):
result = {}
form = AddTrackForm(request.form)
con = engine.connect()
if request.method == 'GET':
populate_pista(con, form, obra_id)
add_pista_choices(con, form)
result['archivos'] = query_archivos(con, obra_id)
result['editor'] = True
if obra_id is not None:
result['obra_id'] = obra_id
con.close()
if request.method == 'POST' and form.validate():
validated, file = validate_audio_file()
con = engine.connect()
if obra_id is None:
# When inserting for the first time there must be a file
if not validated:
return jsonify(success="danger", msg=file)
msg, success = upsert_pista_wrapper(insert_pista, con, form, file)
else:
if not validated:
# On update a file need not be uploaded
flash(file, 'warning')
msg, success = upsert_pista_wrapper(update_pista, con, form, file=None, pista_id=obra_id)
else:
msg, success = upsert_pista_wrapper(update_pista, con, form, file, obra_id)
con.close()
if success:
return jsonify(success=success, msg=msg)
else:
return jsonify(success=success, msg=msg)
return render_template('poner/pista.html', form=form, result=result)
def perfil():
con = engine.connect()
if session['is_person']:
user = current_pers(con, session['email'])
else:
user = current_gr(con, session['email'])
pers_gr = query_pers_gr(con, session['id'])
result = query_perfil(con, session['id'], 'EDITOR')
con.close()
password_form = ChangePasswordForm(request.form)
if request.method == 'POST' and password_form.validate():
if user and bcrypt.verify(password_form.old_password.data, user.contrasena):
con = engine.connect()
password = bcrypt.using(rounds=13).hash(str(password_form.new_password.data))
reset_pass = text("""UPDATE public.usuario SET contrasena=:password
WHERE usuario_id=:id""")
con.execute(reset_pass, id=user.part_id, password=password)
con.close()
flash('Contraseña cambiada correctamente.', 'success')
else:
flash('El cambio de contraseña no tuvo éxito.', 'danger')
return redirect(url_for('user.perfil', _anchor='tab_contrasena'))
return render_template('user/perfil.html', user=user
, result=result
, pers_gr=pers_gr
, password_form=password_form)
def poner_serie(obra_id=None):
form = SerieForm(request.form)
con = engine.connect()
ruta = (None, None)
if request.method == 'GET' and obra_id is not None:
ruta = populate_serie(con, form, obra_id)
con.close()
if request.method == 'POST' and form.validate():
validated, file = validate_image_file()
con = engine.connect()
trans = con.begin()
try:
if obra_id is None:
if validated:
upload_album_image_insert(con, form, session['id'], file)
else:
insert_serie(con, form, session['id'], None)
else:
if validated:
upload_album_image_update(con, form, session['id'], file, obra_id)
else:
update_serie(con, form, session['id'], obra_id, None)
trans.commit()
flash('La actualización se ha realizado correctamente.', 'success')
except Exception as ex:
trans.rollback()
if app.config['DEBUG']:
raise # Only for development
flash('Ocurrió un error; ' + str(ex), 'danger')
con.close()
return redirect(url_for('user.perfil', _anchor='tab_varios'))
return render_template('poner/serie.html', form=form, ruta=ruta)
def poner_part():
form = AddEntityForm(request.form)
con = engine.connect()
init_pers_grupo(form)
add_part_choices(con, form)
con.close()
if request.method == 'POST' and form.validate():
con = engine.connect()
upsert_wrapper(insert_part, con, form)
return redirect(url_for('user.perfil', _anchor='tab_part'))
return render_template('poner/part.html', form=form)
def poner_tema():
form = TemaForm(request.form)
con = engine.connect()
form.delete_tema.choices = populate_temas_form(con)
con.close()
if request.method == 'POST' and form.validate():
con = engine.connect()
insert_wrapper(insert_tema, con, form)
con.close()
return redirect(url_for('user.perfil', _anchor='tab_varios'))
return render_template('poner/tema.html', form=form)
def poner_grupo(obra_id):
form = UpdateEntityForm(request.form)
con = engine.connect()
if request.method == 'GET':
populate_poner_grupo(con, form, obra_id)
add_part_choices(con, form)
con.close()
if request.method == 'POST' and form.validate():
con = engine.connect()
upsert_wrapper(update_poner_grupo, con, form, obra_id)
return redirect(url_for('user.perfil', _anchor='tab_part'))
return render_template('poner/grupo.html', form=form)
def poner_instrumento():
form = InstrForm(request.form)
con = engine.connect()
form.familia_instr_id.choices = populate_inst_fam(con)
form.delete_inst.choices = populate_instrumento_form(con)
con.close()
if request.method == 'POST' and form.validate():
con = engine.connect()
insert_wrapper(insert_inst, con, form)
con.close()
return redirect(url_for('user.perfil', _anchor='tab_varios'))
return render_template('poner/instrumento.html', form=form)
def poner_album():
form = AlbumForm(request.form)
con = engine.connect()
form.delete_album.choices = populate_album_form(con)
form.serie_id.choices = populate_serie_form(con)
con.close()
if request.method == 'POST' and form.validate():
con = engine.connect()
insert_wrapper(insert_album, con, form)
con.close()
return redirect(url_for('user.perfil', _anchor='tab_varios'))
return render_template('poner/album.html', form=form)
def info():
form = InfoForm(request.form)
con = engine.connect()
if request.method == 'GET':
# prepopulate
populate_info(con, form)
con = engine.connect()
add_info_choices(con, form)
con.close()
if request.method == 'POST' and form.validate():
con = engine.connect()
upsert_wrapper(update_info, con, form)
return redirect(url_for('user.perfil'))
return render_template('user/info.html', form=form)
def reset():
form = EmailForm(request.form)
if request.method == 'POST' and form.validate():
con = engine.connect()
user = current_user(con, form.email.data)
con.close()
if user is not None:
subject = "Reajuste de contraseña solicitado"
# Here we use the URLSafeTimedSerializer we created in `util` at the
# beginning of the chapter
token = ts.dumps(form.email.data, salt='recover-key')
recover_url = url_for(
'user.reset_with_token',
token=token,
_external=True)
html = render_template(
'user/recover.html',
recover_url=recover_url)
# Let's assume that send_email was defined in myapp/util.py
send_email(form.email.data, subject, html)
flash('Se envió un correo electrónico a esa dirección si el correo electrónico se registró en nuestro sitio.',
'success')
return redirect(url_for('user.login'))
return render_template('user/reset.html', form=form)
def register():
form = RegisterForm(request.form)
if request.method == 'POST' and form.validate():
email = form.email.data.strip(' ')
nom_usuario = form.nom_usuario.data.strip(' ')
contrasena = bcrypt.using(rounds=13).hash(str(form.contrasena.data))
con = engine.connect()
if form.user_type.data == 'persona':
user_query = text("""INSERT INTO public.us_pers (email, nom_usuario, contrasena) VALUES
(:email, :nom_usuario, :contrasena);""")
con.execute(user_query, email=email, nom_usuario=nom_usuario, contrasena=contrasena)
else:
user_query = text("""INSERT INTO public.us_gr (email, nom_usuario, contrasena) VALUES
(:email, :nom_usuario, :contrasena);""")
con.execute(user_query, email=email, nom_usuario=nom_usuario, contrasena=contrasena)
# set session data
init_session(con, email)
con.close()
token = generate_confirmation_token(email)
confirm_url = url_for('user.confirm_email', token=token, _external=True)
html = render_template('user/activate.html', confirm_url=confirm_url)
subject = "Por favor, confirma tu email"
send_email(email, subject, html)
flash('Te has registrado y ahora estás conectado. ¡Bienvenido!', 'success')
return redirect(url_for('user.info'))
return render_template('user/register.html', form=form)
def validate(self):
initial_validation = super(RegisterForm, self).validate()
if not initial_validation:
return False
con = engine.connect()
user_email_query = text(
"""SELECT usuario_id FROM public.usuario WHERE LOWER(gr_email) = LOWER(:email)
OR LOWER(pers_email) = LOWER(:email)"""
)
user_email = con.execute(user_email_query,
email=self.email.data).first()
username_query = text("""SELECT nom_usuario FROM public.usuario
WHERE LOWER(nom_usuario) = LOWER(:nom_usuario)"""
)
username = con.execute(username_query,
nom_usuario=self.nom_usuario.data).first()
con.close()
is_valid = True
if user_email:
self.email.errors.append(
"Este correo electrónico ya está registradod")
is_valid = False
if username:
self.nom_usuario.errors.append(
"Este nombre de usuario ya está registrado")
is_valid = False
return is_valid
def poner_composicion(obra_id=None):
form = AddCompForm(request.form)
con = engine.connect()
if request.method == 'GET':
populate_comp(con, form, obra_id)
add_comp_choices(con, form)
con.close()
if request.method == 'POST' and form.validate():
con = engine.connect()
if obra_id is None:
upsert_wrapper(insert_comp, con, form)
else:
upsert_wrapper(update_comp, con, form, obra_id)
con.close()
return redirect(url_for('user.perfil', _anchor='tab_pista'))
return render_template('poner/composicion.html', form=form)
def estado(obra, estado, obra_id):
estados = ['DEPOSITAR', 'RECHAZADO', 'PENDIENTE', 'PUBLICADO']
estado_upper = estado.upper()
if estado_upper not in estados:
abort(404)
obras = ['comp', 'pista', 'pers', 'grupo', 'serie']
if obra not in obras:
abort(404)
con = engine.connect()
try:
if 'comp' in obra:
estado_comp(con, obra_id, estado_upper, session['id'])
elif 'pista' in obra:
estado_pista(con, obra_id, estado_upper, session['id'])
elif 'pers' in obra:
estado_pers(con, obra_id, estado_upper, session['id'])
elif 'grupo' in obra:
estado_grupo(con, obra_id, estado_upper, session['id'])
elif 'serie' in obra:
estado_serie(con, obra_id, estado_upper, session['id'])
except Exception as ex:
if app.config['DEBUG']:
raise # Only for development
flash('Ocurrió un error;' + str(ex), 'danger')
con.close()
return '', 204
def prohibido(usuario_id):
con = engine.connect()
json = request.get_json(force=True)
prohibido = (json['prohibido'] == 'True')
update_prohibido(con, usuario_id, prohibido)
con.close()
return '', 204
def permiso(usuario_id):
con = engine.connect()
json = request.get_json()
permiso = json['permiso'].upper()
update_permiso(con, usuario_id, permiso)
con.close()
return '', 204
def login():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
con = engine.connect()
init_session(con, form.email.data)
con.close()
flash('Conexión exitosa', 'success')
return redirect(url_for('user.perfil'))
return render_template('user/login.html', form=form)
def search():
result = {}
bind_params = {}
if request.args.get('filtrado', None):
bind_params['nom'] = request.args['nom']
filt = request.args['filtrado']
bind_params['year_from'] = parse_int(request.args['ano-comienzo'])
bind_params['year_to'] = parse_int(request.args['ano-finale'])
bind_params['contains'] = request.args['comentario']
# General search
con = engine.connect()
if filt == 'all':
autor_query(con, bind_params, result)
colectivo_query(con, bind_params, result)
composicion_query(con, bind_params, result)
serie_query(con, bind_params, result)
# Search through artistas
if filt == 'autor':
autor_query(con, bind_params, result)
# Search through colectivos
if filt == 'colectivo':
colectivo_query(con, bind_params, result)
# search through composicions
if filt == 'composicion':
composicion_query(con, bind_params, result)
# Search through serie
if filt == 'serie':
serie_query(con, bind_params, result)
# Search through comps by Tema
if filt == 'tema':
tema_query(con, bind_params, result)
# Search through comps by Genre
if filt == 'genero':
genero_query(con, bind_params, result)
# Search through comps by instrument
if filt == 'instrumento':
instrumento_query(con, bind_params, result)
# Search through comps by language
if filt == 'idioma':
idioma_query(con, bind_params, result)
# Search through pista by performer
if filt == 'interp':
interp_query(con, bind_params, result)
if filt == 'gender':
genero_autor_query(con, bind_params, result)
if filt == 'usuario':
usuario_autor_query(con, bind_params, result)
usuario_colectivo_query(con, bind_params, result)
usuario_comp_query(con, bind_params, result)
if filt == 'ciudad' or filt == 'subdivision' or filt == 'pais':
lugar_colectivo_query(con, bind_params, result, filt)
lugar_comp_query(con, bind_params, result, filt)
lugar_autor_query(con, bind_params, result, filt)
con.close()
return render_template('main/search.html',
result=result,
bind_params=bind_params)
def retirar_inst(obra_id):
if obra_id == 1 or obra_id == 2:
# cannot remove 'Ninguno' or 'voz' instruments
flash('No se puede eliminar esta información', 'danger')
return redirect(url_for('user.poner_instrumento'))
else:
con = engine.connect()
delete_wrapper(delete_inst, con, obra_id)
con.close()
return redirect(url_for('user.poner_instrumento', _anchor='tab_pista'))
def validate(self):
initial_validation = super(EmailForm, self).validate()
if not initial_validation:
return False
con = engine.connect()
user = current_user(con, self.email.data)
con.close()
if user is None:
self.email.errors.append(
"Este correo electrónico no está registrado")
return False
return True
def validate(self):
from flask import session
initial_validation = super(ChangePasswordForm, self).validate()
if not initial_validation:
return False
con = engine.connect()
user_pass = current_user(con, session['email']).contrasena
con.close()
if not bcrypt.verify(str(self.old_password.data), user_pass):
self.old_password.errors.append("Contraseña invalida")
return False
return True
def serie(serie_id):
result = {}
con = engine.connect()
# query serie
serie = serie_view(con, serie_id)
if serie is None:
abort(404)
album_query = text(
"""SELECT * FROM public.album WHERE serie_id=:serie_id""")
result['albums'] = con.execute(album_query, serie_id=serie_id)
# query all pista son associated with that serie
result['comps'] = comp_serie_view(con, serie_id)
con.close()
return render_template('main/serie.html', serie=serie, result=result)
def retirar_serie(obra_id):
con = engine.connect()
try:
path = app.config['UPLOAD_FOLDER'] + '/images/albums/' + str(obra_id)
if os.path.exists(path):
rmtree(path)
delete_serie(con, obra_id)
flash('la eliminación se ha realizado correctamente.', 'success')
except Exception as ex:
if app.config['DEBUG']:
raise # Only for development
flash('Ocurrió un error;' + str(ex), 'danger')
con.close()
return redirect(url_for('user.perfil', _anchor='tab_varios'))
def retirar_foto(obra_id):
con = engine.connect()
try:
path = app.config['UPLOAD_FOLDER'] + '/images/albums/' + str(obra_id)
if os.path.exists(path):
rmtree(path)
query = text("""UPDATE public.serie SET ruta_foto = NULL WHERE serie_id=:obra_id""")
con.execute(query, obra_id=obra_id)
flash('la eliminación se ha realizado correctamente.', 'success')
except Exception as ex:
if app.config['DEBUG']:
raise # Only for development
flash('Ocurrió un error;' + str(ex), 'danger')
return redirect(url_for('user.poner_serie', obra_id=obra_id))
def colectivo(part_id):
result = {}
# query colectivo
con = engine.connect()
colectivo_query = text(
"""SELECT * FROM public.gr_view WHERE part_id=:part_id AND estado = 'PUBLICADO'"""
)
colectivo = con.execute(colectivo_query, part_id=part_id).first()
if colectivo is None:
abort(404)
result['pers'] = pers_grupo_view(con, part_id)
result['comps'] = comp_grupo_view(con, part_id)
con.close()
return render_template('main/colectivo.html',
autor=colectivo,
result=result)
def validate(self):
initial_validation = super(InfoForm, self).validate()
if not initial_validation:
return False
con = engine.connect()
user_email_query = text(
"""SELECT usuario_id FROM public.usuario WHERE LOWER(gr_email) = LOWER(:email)
OR LOWER(pers_email) = LOWER(:email)"""
)
user_email = con.execute(user_email_query,
email=self.email.data).first()
con.close()
if user_email:
self.email.errors.append(
"Este correo electrónico ya está registradod")
return False
return True
def autor(part_id):
result = {}
result_interp = {}
# _query author
con = engine.connect()
author_query = text(
"""SELECT * FROM public.pers_view WHERE part_id=:part_id AND estado = 'PUBLICADO'"""
)
author = con.execute(author_query, part_id=part_id).first()
if author is None:
abort(404)
result['comps'] = comp_autor_view(con, part_id)
result_interp['comps'] = interp_autor_view(con, part_id)
con.close()
return render_template('main/autor.html',
autor=author,
result=result,
result_interp=result_interp)
def validate(self):
initial_validation = super(LoginForm, self).validate()
if not initial_validation:
return False
con = engine.connect()
user = current_user(con, self.email.data)
con.close()
if user is None:
self.email.errors.append(
"Este correo electrónico no está registrado")
return False
if user.prohibido:
self.email.errors.append("Esta cuenta ha sido prohibida.")
return False
if not bcrypt.verify(str(self.password.data), user.contrasena):
self.password.errors.append("Contraseña invalida")
return False
return True
def confirm_email(token):
try:
email = confirm_token(token)
except:
flash('El enlace de confirmación no es válido o ha caducado.', 'danger')
con = engine.connect()
init_session(con, email)
if session['confirmed']:
flash('Cuenta ya confirmada. Por favor Iniciar sesión.', 'success')
else:
confirm_user = text("""UPDATE public.usuario
SET confirmado=TRUE
, fecha_confirmado=now()
WHERE usuario_id=:id""")
con.execute(confirm_user, id=session['id'])
session['confirmed'] = True
flash('Has confirmado tu cuenta. ¡Gracias!', 'success')
con.close()
return redirect(url_for('user.perfil'))
def composicion(comp_id):
result = {}
con = engine.connect()
# query composicion
comp, autors = comp_view_query(con, comp_id)
if comp is None:
abort(404)
result['pistas'] = pista_archivo_view(con, comp_id)
query_idioma = text(
"""SELECT * FROM public.idioma_composicion ic JOIN public.idioma i ON ic.idioma_id = i.idioma_id
WHERE composicion_id=:comp_id""")
result['idiomas'] = con.execute(query_idioma, comp_id=comp_id)
query_tema = text(
"""SELECT * FROM public.tema_composicion tc JOIN public.tema t ON t.tema_id = tc.tema_id
WHERE composicion_id=:comp_id""")
result['temas'] = con.execute(query_tema, comp_id=comp_id)
con.close()
return render_template('main/composicion.html',
comp=comp,
autors=autors,
result=result)
