def run(args, dbparams):
import MySQLdb
db=MySQLdb.connect(host=dbparams["host"], db=dbparams["db"], user=dbparams["user"], passwd=dbparams["passwd"])
db.autocommit(False)
c=db.cursor()
from au_user import getUserId, haveRight, haveProductRight, getCategoryParent, getProductParent
parent = 0
if args['container'] == 'true':
container = True
parent = getCategoryParent(c, int(args['id']))
else:
container = False
parent = getProductParent(c, int(args['id']))
if parent == 0:
data = {'pass': '******'}
c.close()
return data
id = getUserId(c, args['user'], args['password'])
if id == -1:
data = {'pass': '******'}
c.close()
return data
if args['container'] == 'true':
candelete = haveRight(c, id, int(args['id']))
else:
candelete = haveProductRight(c, id, int(args['id']))
if haveRight(c, id, parent) and candelete:
delete_list = []
if delete(c, int(args['id']), container, delete_list):
for item in delete_list:
if item['cat']:
c.execute("DELETE FROM category WHERE id=%s", (item['id'],))
else:
c.execute("DELETE FROM product WHERE id=%s", (item['id'],))
c.execute('DELETE FROM unit WHERE prid=%s', (item['id'],))
data = {'pass': '******'}
db.commit()
else:
data = {'pass': '******'}
c.close()
return data
def run(args, dbparams):
parent = int(args['parent'])
import MySQLdb
db=MySQLdb.connect(host=dbparams["host"], db=dbparams["db"], user=dbparams["user"], passwd=dbparams["passwd"])
db.autocommit(False)
c=db.cursor()
from au_user import getUserId, haveRight
data = {}
id = getUserId(c, args['user'], args['password'])
if id == -1:
data['id'] == '0'
c.close()
return data
data['id'] = '0'
if haveRight(c, id, parent):
c.execute("INSERT INTO product(pid, aid, oid, mod_servant, mod_others) VALUES(%s, %s, %s, 1, 1)",
(parent, id, id))
data['id'] = str(db.insert_id())
c.execute("INSERT INTO unit(prid, unid, weight) VALUES(%s, 1, 1)",
(db.insert_id(),))
db.commit()
c.close()
return data
def run(args, dbparams):
parent = int(args['parent'])
import MySQLdb
db=MySQLdb.connect(host=dbparams["host"], db=dbparams["db"], user=dbparams["user"], passwd=dbparams["passwd"])
c=db.cursor()
from au_user import getUserId, haveRight, haveProductRight
user = -1
if args['user'] != '':
user = getUserId(c, args['user'], args['password'])
if user == -1:
data = {'pass': '******'}
c.close()
return data
c.execute("SELECT id, name FROM category WHERE pid=%s AND "
"id != 1 ORDER BY name", (parent,))
res = c.fetchall()
data = {}
data['list'] = []
for item in res:
name = str(item[1])
if len(name) == 0:
name = str(item[0])
element = {'id': str(item[0]), 'name': name, 'container': 'true'}
if user != -1 and haveRight(c, user, element['id']):
element['modify'] = 'true'
else:
element['modify'] = 'false'
data['list'].append(element)
c.execute("SELECT id, name, rieb, angl, balt FROM product WHERE PID=%s ORDER BY name", (parent,))
res = c.fetchall()
for item in res:
name = str(item[1])
if len(name) == 0:
name = str(item[0])
element = {'id': str(item[0]),
'name': name,
'rieb': str(item[2]),
'angl': str(item[3]),
'balt': str(item[4])}
if user != -1 and haveProductRight(c, user, element['id']):
element['modify'] = 'true'
else:
element['modify'] = 'false'
data['list'].append(element)
data['pass'] = '******'
c.close()
return data
def run(args, dbparams):
import MySQLdb
from au_user import getUserId, haveRight, isCategoryOwner
db=MySQLdb.connect(host=dbparams["host"], db=dbparams["db"], user=dbparams["user"], passwd=dbparams["passwd"])
db.autocommit(False)
c=db.cursor()
user = getUserId(c, args['user'], args['password'])
if user == -1:
data = {'pass': '******'}
c.close()
return data
if haveRight(c, user, int(args['id'])):
c.execute("UPDATE category SET name=%s WHERE id=%s",
(args['name'], int(args['id'])))
else:
data = {'pass': '******'}
c.close()
return data
if isCategoryOwner(c, user, int(args['id'])):
mod_servant = 0
if args['mod_servant'] == 'true':
mod_servant = 1
mod_others = 0
if args['mod_others'] == 'true':
mod_others = 1
c.execute("UPDATE category SET mod_servant=%s, mod_others=%s WHERE id=%s",
(mod_servant, mod_others, int(args['id'])))
db.commit()
data = {'pass': '******'}
c.close()
return data
def run(args, dbparams):
id = int(args['id'])
import MySQLdb
from au_user import getUserId, haveRight, haveProductRight, isUserParent, booltostr, \
getCategoryParent, getProductParent, isCategoryOwner, isProductOwner
db=MySQLdb.connect(host=dbparams["host"], db=dbparams["db"], user=dbparams["user"], passwd=dbparams["passwd"])
c=db.cursor()
user = getUserId(c, args['name'], args['password'])
if args['container'] == 'true':
c.execute("SELECT name, oid, mod_servant, mod_others FROM category WHERE id=%s", (id,))
res = c.fetchone()
data = {'name': res[0],
'mod_servant': booltostr(res[2]),
'mod_others': booltostr(res[3])}
data['owner'] = 'false'
data['parmod'] = 'false'
data['modify'] = 'false'
data['cantake'] = 'false'
if user != -1:
if isCategoryOwner(c, user, id):
data['owner'] = 'true'
if haveRight(c, user, id):
data['modify'] = 'true'
parent = getCategoryParent(c, id)
if parent != 0 and haveRight(c, user, parent) and data['modify'] == 'true':
data['parmod'] = 'true'
if isUserParent(c, res[1], user):
data['cantake'] = 'true'
else:
data['modify'] = 'false'
data['parmod'] = 'false'
else:
c.execute("SELECT name, complex, secret, balt, rieb, angl, descr, linkdescr, "
"link, mod_servant, mod_others, oid "
"FROM product WHERE id=%s", (id,))
res = c.fetchone()
oid = res[11]
data = {'name': res[0],
'complex': booltostr(res[1]),
'secret': booltostr(res[2]),
'balt': str(res[3]),
'rieb': str(res[4]),
'angl': str(res[5]),
'descr': res[6],
'linkdescr': res[7],
'link': res[8],
'mod_servant': booltostr(res[9]),
'mod_others': booltostr(res[10]),
'unit_list': []}
c.execute("SELECT un.name, u.weight FROM unit u, unitname un WHERE u.prid = %s AND u.unid = un.id",
(id,))
res = c.fetchall()
for item in res:
unit = {'unit': item[0], 'weight': str(item[1])}
data['unit_list'].append(unit)
data['modify'] = 'false'
data['owner'] = 'false'
data['parmod'] = 'false'
data['cantake'] = 'false'
if user != -1:
if haveProductRight(c, user, id):
data['modify'] = 'true'
if isProductOwner(c, user, id):
data['owner'] = 'true'
parent = getProductParent(c, id)
if parent != 0 and haveRight(c, user, parent) and data['modify'] == 'true':
data['parmod'] = 'true'
if isUserParent(c, oid, user):
data['cantake'] = 'true'
else:
data['modify'] = 'false'
data['parmod'] = 'false'
c.close()
return data
