示例#1
 def wrapper(*args, **kwargs):
     """Gate the wrapped view behind a valid session and a current password.

     Requests without a session key that resolves to a user are sent to the
     public notes page. A user flagged for a password change is sent to the
     reset page instead of the wrapped view.
     """
     key_present = 'session_key' in session and session['session_key'] != ""
     if not (key_present and get_user_by_session_key(session['session_key'])):
         return redirect(url_for('note_public'))

     # The session is resolved a second time here, exactly as the original did.
     current_user = get_user_by_session_key(session['session_key'])
     if get_change_password(current_user) == 1:
         # Flash text is Polish for "The password must be changed!"
         flash('Hasło musi zostać zmienione!')
         return redirect(url_for('pass_reset'))
     return func(*args, **kwargs)
示例#2
 def wrapper(*args, **kwargs):
     """Run the wrapped view only when the session key resolves to a user.

     Every other request is redirected to the login page.
     """
     key_present = 'session_key' in session and session['session_key'] != ""
     if key_present and get_user_by_session_key(session['session_key']):
         return func(*args, **kwargs)
     return redirect(url_for('login_page'))
示例#3
def dashboard():
    """Render the dashboard with the caller's notes and the notes shared with them.

    NOTE(review): session['session_key'] is read without a presence check, so
    this view presumably relies on a login guard applied outside this block;
    confirm the route is decorated accordingly.
    """
    own_titles, own_files = get_notes_by_user_id(
        get_user_by_session_key(session['session_key']))
    shared_titles, shared_files = get_notes_shared_with(
        get_user_by_session_key(session['session_key']))

    # Key order matches the original literal.
    parameters = dict(
        files=own_files,
        download_links=own_titles,
        length=len(own_files),
        files_shared=shared_files,
        download_links_shared=shared_titles,
        length_shared=len(shared_files),
        logged_in=1,
        current_site='dashboard',
    )
    return render_template("dashboard.html", parameters=parameters)
示例#4
def note_show_public(uid):
    """Render a public note for any visitor; respond 404 when no such note exists.

    'logged_in' only tells the template whether the visitor has a session that
    resolves to a user; it does not gate access to the note.
    """
    has_user = ('session_key' in session
                and session['session_key'] != ""
                and get_user_by_session_key(session['session_key']))
    parameters = {'logged_in': 1 if has_user else 0, 'current_site': 'note'}

    note, title = get_public_note_by_id(uid)
    parameters['note'] = note
    parameters['title'] = title
    if note is None:
        return abort(404)

    # NOTE(review): the share list is loaded for anonymous visitors too;
    # confirm note_show.html does not display it to them.
    allowed_users, allowed_count = get_allowed_users(uid)
    parameters['allowed_users'] = allowed_users
    parameters['allowed_count'] = allowed_count
    return render_template('note_show.html', parameters=parameters)
示例#5
def note_post():
    """Create or update a note from the submitted form, then redirect to it.

    The note body is limited to 200 characters (400 otherwise); the title is
    not length-checked in this block.
    """
    form = request.form
    body = form['note']
    if len(body) > 200:
        return abort(400)

    creating = form['update'] == '0'
    if creating:
        owner = get_user_by_session_key(session['session_key'])
        uid = add_note(form['title'], body, owner)
    else:
        # NOTE(review): the update path passes only the client-supplied note id
        # and no user id. Unless update_note checks ownership by other means,
        # any logged-in user could overwrite another user's note; verify.
        uid = update_note(form['title'], body, form['id'])

    # "Zapisano" is Polish for "Saved".
    flash("Zapisano")
    flash("_ok")
    return redirect('/note/' + uid)
示例#6
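def note_get(uid):
    """Render the edit page for a note that belongs to the session's user.

    Responds 404 when the lookup yields no note, matching note_show_public and
    note_show_shared. Without that guard the page was rendered for any id,
    together with that note's share list from get_allowed_users.

    NOTE(review): assumes get_note_by_id returns None for the note field when
    the note does not exist or is not owned by the user, as the sibling
    lookups do; confirm against the helper.
    """
    note, title, public = get_note_by_id(
        uid, get_user_by_session_key(session['session_key']))
    if note is None:
        # Stop before loading the share list of a note the caller cannot read.
        return abort(404)

    allowed_users, allowed_count = get_allowed_users(uid)
    parameters = {
        'logged_in': 1,
        'update': 1,
        'id': uid,
        'current_site': 'note',
        'note': note,
        'title': title,
        'public': public,
        'allowed_users': allowed_users,
        'allowed_count': allowed_count,
    }
    return render_template('note.html', parameters=parameters)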
示例#7
def note_public():
    """Render the list of public notes for any visitor.

    A logged-in user who is flagged for a password change is redirected to the
    reset page before the list is built.
    """

    def _session_resolves():
        # Key present, non-empty, and known to the session lookup.
        return ('session_key' in session
                and session['session_key'] != ""
                and get_user_by_session_key(session['session_key']))

    if _session_resolves():
        must_reset = get_change_password(
            get_user_by_session_key(session['session_key']))
        if must_reset == 1:
            # Flash text is Polish for "The password must be changed!"
            flash('Hasło musi zostać zmienione!')
            return redirect(url_for('pass_reset'))

    titles, files = get_notes_public()
    parameters = {
        "files": files,
        "download_links": titles,
        "length": len(files),
        'logged_in': 0,
        'current_site': 'public'
    }

    # The session is checked again after the notes are fetched, as before.
    if _session_resolves():
        parameters['logged_in'] = 1
    return render_template("public.html", parameters=parameters)
示例#8
def note_show_shared(uid):
    """Render a read-only view of a note shared with the session's user.

    Responds 404 when get_shared_note_by_id yields no note for this user.
    """
    viewer = get_user_by_session_key(session['session_key'])
    note, title, public = get_shared_note_by_id(uid, viewer)

    parameters = {
        'logged_in': 1,
        'update': 0,
        'id': uid,
        'current_site': 'note',
        'note': note,
        'title': title,
        'public': public,
    }
    if note is None:
        return abort(404)

    # The share list is loaded only after the note lookup succeeded.
    allowed_users, allowed_count = get_allowed_users(uid)
    parameters['allowed_users'] = allowed_users
    parameters['allowed_count'] = allowed_count
    return render_template('note_show.html', parameters=parameters)
示例#9
def note_share():
    """Share a note with another user and/or set its public flag from the form.

    NOTE(review): the note id comes straight from the form and no ownership
    check is visible before add_note_to_shared / update_public_access.
    Unless those helpers or a route guard enforce it, any logged-in user
    could share or publish someone else's note; verify.
    """
    form = request.form
    public = form.getlist('public')

    recipient_name = form['user']
    if recipient_name:
        recipient = get_user_id(recipient_name)
        if recipient < 0:
            # Polish: "The given user does not exist"
            problem = "Podany użytkownik nie istnieje"
        elif recipient == get_user_by_session_key(session['session_key']):
            # Polish: "You cannot share a note with yourself"
            problem = "Nie możesz udostępnić notatki samemu sobie"
        else:
            problem = None

        if problem is not None:
            flash(problem)
            return redirect('/note/' + form['id'])
        add_note_to_shared(form['id'], recipient)

    # The public flag is the number of 'public' values submitted.
    update_public_access(form['id'], len(public))
    # "Zapisano" is Polish for "Saved".
    flash("Zapisano")
    flash("_ok")
    return redirect('/note/' + form['id'])
示例#10
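def user_connection(mailjet, session_key, request):
    """Record the client's (user agent, IP) pair and e-mail the user about a new one.

    Behaviour:
      * pair already stored for the user -> nothing happens;
      * user has no stored pairs yet -> the pair is stored silently;
      * otherwise a "new connection" mail is sent, and the pair is stored only
        when send_mail reports status 200.

    Args:
        mailjet: mail client handed through to send_mail.
        session_key: session key resolved to a user id.
        request: request object providing user_agent and remote_addr.

    The agent string is derived from the User-Agent header, which the client
    controls, so every statement uses bound parameters instead of string
    formatting. The connection is closed on every exit path.
    """
    user_id = get_user_by_session_key(session_key)

    ua = request.user_agent
    # Fields the framework could not parse may be None; treat them as empty
    # instead of failing on .upper() or on string concatenation.
    agent = " ".join((
        (ua.platform or "").upper(),
        (ua.browser or "").upper(),
        ua.version or "",
    ))
    ip = request.remote_addr

    # The original interpolated the id into a quoted SQL literal, i.e. text;
    # binding str(user_id) keeps comparisons and stored values the same type.
    user_key = str(user_id)

    conn = sqlite3.connect(DBFILE)
    try:
        c = conn.cursor()
        known = c.execute(
            "SELECT agent, ip FROM connections WHERE userid=?",
            (user_key,)).fetchall()
        if any(row[0] == agent and row[1] == ip for row in known):
            return

        # First connection for this user: store the record without notifying.
        if not known:
            c.execute("INSERT INTO connections VALUES(?, ?, ?)",
                      (user_key, agent, ip))
            conn.commit()
            return

        account = c.execute(
            "SELECT user, email FROM users WHERE id=?",
            (user_key,)).fetchone()
        if account is None:
            # No account row to notify; the original raised IndexError here.
            return
        login, email = account

        # Polish mail text: subject "New connection"; the body tells the
        # account owner a new device connected and to change the password
        # if it was not them.
        result = send_mail(
            mailjet, email, "Nowe połączenie",
            "Konto {0}. Przyłączono nowe urządzenie: {1}. Czy to na pewno Ty? Jeżeli nie, zmień swoje hasło jak najszybciej"
            .format(login, agent))
        # Store the pair only after a successful send, so a failed
        # notification is attempted again on the next connection.
        if result.status_code == 200:
            c.execute("INSERT INTO connections VALUES(?, ?, ?)",
                      (user_key, agent, ip))
            conn.commit()
    finally:
        conn.close()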