def poner_pista(obra_id=None): result = {} form = AddTrackForm(request.form) con = engine.connect() if request.method == 'GET': populate_pista(con, form, obra_id) add_pista_choices(con, form) result['archivos'] = query_archivos(con, obra_id) result['editor'] = True if obra_id is not None: result['obra_id'] = obra_id con.close() if request.method == 'POST' and form.validate(): validated, file = validate_audio_file() con = engine.connect() if obra_id is None: # When inserting for the first time there must be a file if not validated: return jsonify(success="danger", msg=file) msg, success = upsert_pista_wrapper(insert_pista, con, form, file) else: if not validated: # On update a file need not be uploaded flash(file, 'warning') msg, success = upsert_pista_wrapper(update_pista, con, form, file=None, pista_id=obra_id) else: msg, success = upsert_pista_wrapper(update_pista, con, form, file, obra_id) con.close() if success: return jsonify(success=success, msg=msg) else: return jsonify(success=success, msg=msg) return render_template('poner/pista.html', form=form, result=result)
def perfil(): con = engine.connect() if session['is_person']: user = current_pers(con, session['email']) else: user = current_gr(con, session['email']) pers_gr = query_pers_gr(con, session['id']) result = query_perfil(con, session['id'], 'EDITOR') con.close() password_form = ChangePasswordForm(request.form) if request.method == 'POST' and password_form.validate(): if user and bcrypt.verify(password_form.old_password.data, user.contrasena): con = engine.connect() password = bcrypt.using(rounds=13).hash(str(password_form.new_password.data)) reset_pass = text("""UPDATE public.usuario SET contrasena=:password WHERE usuario_id=:id""") con.execute(reset_pass, id=user.part_id, password=password) con.close() flash('Contraseña cambiada correctamente.', 'success') else: flash('El cambio de contraseña no tuvo éxito.', 'danger') return redirect(url_for('user.perfil', _anchor='tab_contrasena')) return render_template('user/perfil.html', user=user , result=result , pers_gr=pers_gr , password_form=password_form)
def poner_serie(obra_id=None): form = SerieForm(request.form) con = engine.connect() ruta = (None, None) if request.method == 'GET' and obra_id is not None: ruta = populate_serie(con, form, obra_id) con.close() if request.method == 'POST' and form.validate(): validated, file = validate_image_file() con = engine.connect() trans = con.begin() try: if obra_id is None: if validated: upload_album_image_insert(con, form, session['id'], file) else: insert_serie(con, form, session['id'], None) else: if validated: upload_album_image_update(con, form, session['id'], file, obra_id) else: update_serie(con, form, session['id'], obra_id, None) trans.commit() flash('La actualización se ha realizado correctamente.', 'success') except Exception as ex: trans.rollback() if app.config['DEBUG']: raise # Only for development flash('Ocurrió un error; ' + str(ex), 'danger') con.close() return redirect(url_for('user.perfil', _anchor='tab_varios')) return render_template('poner/serie.html', form=form, ruta=ruta)
def poner_part(): form = AddEntityForm(request.form) con = engine.connect() init_pers_grupo(form) add_part_choices(con, form) con.close() if request.method == 'POST' and form.validate(): con = engine.connect() upsert_wrapper(insert_part, con, form) return redirect(url_for('user.perfil', _anchor='tab_part')) return render_template('poner/part.html', form=form)
def poner_tema(): form = TemaForm(request.form) con = engine.connect() form.delete_tema.choices = populate_temas_form(con) con.close() if request.method == 'POST' and form.validate(): con = engine.connect() insert_wrapper(insert_tema, con, form) con.close() return redirect(url_for('user.perfil', _anchor='tab_varios')) return render_template('poner/tema.html', form=form)
def poner_grupo(obra_id): form = UpdateEntityForm(request.form) con = engine.connect() if request.method == 'GET': populate_poner_grupo(con, form, obra_id) add_part_choices(con, form) con.close() if request.method == 'POST' and form.validate(): con = engine.connect() upsert_wrapper(update_poner_grupo, con, form, obra_id) return redirect(url_for('user.perfil', _anchor='tab_part')) return render_template('poner/grupo.html', form=form)
def poner_instrumento(): form = InstrForm(request.form) con = engine.connect() form.familia_instr_id.choices = populate_inst_fam(con) form.delete_inst.choices = populate_instrumento_form(con) con.close() if request.method == 'POST' and form.validate(): con = engine.connect() insert_wrapper(insert_inst, con, form) con.close() return redirect(url_for('user.perfil', _anchor='tab_varios')) return render_template('poner/instrumento.html', form=form)
def poner_album(): form = AlbumForm(request.form) con = engine.connect() form.delete_album.choices = populate_album_form(con) form.serie_id.choices = populate_serie_form(con) con.close() if request.method == 'POST' and form.validate(): con = engine.connect() insert_wrapper(insert_album, con, form) con.close() return redirect(url_for('user.perfil', _anchor='tab_varios')) return render_template('poner/album.html', form=form)
def info(): form = InfoForm(request.form) con = engine.connect() if request.method == 'GET': # prepopulate populate_info(con, form) con = engine.connect() add_info_choices(con, form) con.close() if request.method == 'POST' and form.validate(): con = engine.connect() upsert_wrapper(update_info, con, form) return redirect(url_for('user.perfil')) return render_template('user/info.html', form=form)
def reset(): form = EmailForm(request.form) if request.method == 'POST' and form.validate(): con = engine.connect() user = current_user(con, form.email.data) con.close() if user is not None: subject = "Reajuste de contraseña solicitado" # Here we use the URLSafeTimedSerializer we created in `util` at the # beginning of the chapter token = ts.dumps(form.email.data, salt='recover-key') recover_url = url_for( 'user.reset_with_token', token=token, _external=True) html = render_template( 'user/recover.html', recover_url=recover_url) # Let's assume that send_email was defined in myapp/util.py send_email(form.email.data, subject, html) flash('Se envió un correo electrónico a esa dirección si el correo electrónico se registró en nuestro sitio.', 'success') return redirect(url_for('user.login')) return render_template('user/reset.html', form=form)
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): email = form.email.data.strip(' ') nom_usuario = form.nom_usuario.data.strip(' ') contrasena = bcrypt.using(rounds=13).hash(str(form.contrasena.data)) con = engine.connect() if form.user_type.data == 'persona': user_query = text("""INSERT INTO public.us_pers (email, nom_usuario, contrasena) VALUES (:email, :nom_usuario, :contrasena);""") con.execute(user_query, email=email, nom_usuario=nom_usuario, contrasena=contrasena) else: user_query = text("""INSERT INTO public.us_gr (email, nom_usuario, contrasena) VALUES (:email, :nom_usuario, :contrasena);""") con.execute(user_query, email=email, nom_usuario=nom_usuario, contrasena=contrasena) # set session data init_session(con, email) con.close() token = generate_confirmation_token(email) confirm_url = url_for('user.confirm_email', token=token, _external=True) html = render_template('user/activate.html', confirm_url=confirm_url) subject = "Por favor, confirma tu email" send_email(email, subject, html) flash('Te has registrado y ahora estás conectado. ¡Bienvenido!', 'success') return redirect(url_for('user.info')) return render_template('user/register.html', form=form)
def validate(self): initial_validation = super(RegisterForm, self).validate() if not initial_validation: return False con = engine.connect() user_email_query = text( """SELECT usuario_id FROM public.usuario WHERE LOWER(gr_email) = LOWER(:email) OR LOWER(pers_email) = LOWER(:email)""" ) user_email = con.execute(user_email_query, email=self.email.data).first() username_query = text("""SELECT nom_usuario FROM public.usuario WHERE LOWER(nom_usuario) = LOWER(:nom_usuario)""" ) username = con.execute(username_query, nom_usuario=self.nom_usuario.data).first() con.close() is_valid = True if user_email: self.email.errors.append( "Este correo electrónico ya está registradod") is_valid = False if username: self.nom_usuario.errors.append( "Este nombre de usuario ya está registrado") is_valid = False return is_valid
def poner_composicion(obra_id=None): form = AddCompForm(request.form) con = engine.connect() if request.method == 'GET': populate_comp(con, form, obra_id) add_comp_choices(con, form) con.close() if request.method == 'POST' and form.validate(): con = engine.connect() if obra_id is None: upsert_wrapper(insert_comp, con, form) else: upsert_wrapper(update_comp, con, form, obra_id) con.close() return redirect(url_for('user.perfil', _anchor='tab_pista')) return render_template('poner/composicion.html', form=form)
def estado(obra, estado, obra_id): estados = ['DEPOSITAR', 'RECHAZADO', 'PENDIENTE', 'PUBLICADO'] estado_upper = estado.upper() if estado_upper not in estados: abort(404) obras = ['comp', 'pista', 'pers', 'grupo', 'serie'] if obra not in obras: abort(404) con = engine.connect() try: if 'comp' in obra: estado_comp(con, obra_id, estado_upper, session['id']) elif 'pista' in obra: estado_pista(con, obra_id, estado_upper, session['id']) elif 'pers' in obra: estado_pers(con, obra_id, estado_upper, session['id']) elif 'grupo' in obra: estado_grupo(con, obra_id, estado_upper, session['id']) elif 'serie' in obra: estado_serie(con, obra_id, estado_upper, session['id']) except Exception as ex: if app.config['DEBUG']: raise # Only for development flash('Ocurrió un error;' + str(ex), 'danger') con.close() return '', 204
def prohibido(usuario_id): con = engine.connect() json = request.get_json(force=True) prohibido = (json['prohibido'] == 'True') update_prohibido(con, usuario_id, prohibido) con.close() return '', 204
def permiso(usuario_id): con = engine.connect() json = request.get_json() permiso = json['permiso'].upper() update_permiso(con, usuario_id, permiso) con.close() return '', 204
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): con = engine.connect() init_session(con, form.email.data) con.close() flash('Conexión exitosa', 'success') return redirect(url_for('user.perfil')) return render_template('user/login.html', form=form)
def search(): result = {} bind_params = {} if request.args.get('filtrado', None): bind_params['nom'] = request.args['nom'] filt = request.args['filtrado'] bind_params['year_from'] = parse_int(request.args['ano-comienzo']) bind_params['year_to'] = parse_int(request.args['ano-finale']) bind_params['contains'] = request.args['comentario'] # General search con = engine.connect() if filt == 'all': autor_query(con, bind_params, result) colectivo_query(con, bind_params, result) composicion_query(con, bind_params, result) serie_query(con, bind_params, result) # Search through artistas if filt == 'autor': autor_query(con, bind_params, result) # Search through colectivos if filt == 'colectivo': colectivo_query(con, bind_params, result) # search through composicions if filt == 'composicion': composicion_query(con, bind_params, result) # Search through serie if filt == 'serie': serie_query(con, bind_params, result) # Search through comps by Tema if filt == 'tema': tema_query(con, bind_params, result) # Search through comps by Genre if filt == 'genero': genero_query(con, bind_params, result) # Search through comps by instrument if filt == 'instrumento': instrumento_query(con, bind_params, result) # Search through comps by language if filt == 'idioma': idioma_query(con, bind_params, result) # Search through pista by performer if filt == 'interp': interp_query(con, bind_params, result) if filt == 'gender': genero_autor_query(con, bind_params, result) if filt == 'usuario': usuario_autor_query(con, bind_params, result) usuario_colectivo_query(con, bind_params, result) usuario_comp_query(con, bind_params, result) if filt == 'ciudad' or filt == 'subdivision' or filt == 'pais': lugar_colectivo_query(con, bind_params, result, filt) lugar_comp_query(con, bind_params, result, filt) lugar_autor_query(con, bind_params, result, filt) con.close() return render_template('main/search.html', result=result, bind_params=bind_params)
def retirar_inst(obra_id): if obra_id == 1 or obra_id == 2: # cannot remove 'Ninguno' or 'voz' instruments flash('No se puede eliminar esta información', 'danger') return redirect(url_for('user.poner_instrumento')) else: con = engine.connect() delete_wrapper(delete_inst, con, obra_id) con.close() return redirect(url_for('user.poner_instrumento', _anchor='tab_pista'))
def validate(self): initial_validation = super(EmailForm, self).validate() if not initial_validation: return False con = engine.connect() user = current_user(con, self.email.data) con.close() if user is None: self.email.errors.append( "Este correo electrónico no está registrado") return False return True
def validate(self): from flask import session initial_validation = super(ChangePasswordForm, self).validate() if not initial_validation: return False con = engine.connect() user_pass = current_user(con, session['email']).contrasena con.close() if not bcrypt.verify(str(self.old_password.data), user_pass): self.old_password.errors.append("Contraseña invalida") return False return True
def serie(serie_id): result = {} con = engine.connect() # query serie serie = serie_view(con, serie_id) if serie is None: abort(404) album_query = text( """SELECT * FROM public.album WHERE serie_id=:serie_id""") result['albums'] = con.execute(album_query, serie_id=serie_id) # query all pista son associated with that serie result['comps'] = comp_serie_view(con, serie_id) con.close() return render_template('main/serie.html', serie=serie, result=result)
def retirar_serie(obra_id): con = engine.connect() try: path = app.config['UPLOAD_FOLDER'] + '/images/albums/' + str(obra_id) if os.path.exists(path): rmtree(path) delete_serie(con, obra_id) flash('la eliminación se ha realizado correctamente.', 'success') except Exception as ex: if app.config['DEBUG']: raise # Only for development flash('Ocurrió un error;' + str(ex), 'danger') con.close() return redirect(url_for('user.perfil', _anchor='tab_varios'))
def retirar_foto(obra_id): con = engine.connect() try: path = app.config['UPLOAD_FOLDER'] + '/images/albums/' + str(obra_id) if os.path.exists(path): rmtree(path) query = text("""UPDATE public.serie SET ruta_foto = NULL WHERE serie_id=:obra_id""") con.execute(query, obra_id=obra_id) flash('la eliminación se ha realizado correctamente.', 'success') except Exception as ex: if app.config['DEBUG']: raise # Only for development flash('Ocurrió un error;' + str(ex), 'danger') return redirect(url_for('user.poner_serie', obra_id=obra_id))
def colectivo(part_id): result = {} # query colectivo con = engine.connect() colectivo_query = text( """SELECT * FROM public.gr_view WHERE part_id=:part_id AND estado = 'PUBLICADO'""" ) colectivo = con.execute(colectivo_query, part_id=part_id).first() if colectivo is None: abort(404) result['pers'] = pers_grupo_view(con, part_id) result['comps'] = comp_grupo_view(con, part_id) con.close() return render_template('main/colectivo.html', autor=colectivo, result=result)
def validate(self): initial_validation = super(InfoForm, self).validate() if not initial_validation: return False con = engine.connect() user_email_query = text( """SELECT usuario_id FROM public.usuario WHERE LOWER(gr_email) = LOWER(:email) OR LOWER(pers_email) = LOWER(:email)""" ) user_email = con.execute(user_email_query, email=self.email.data).first() con.close() if user_email: self.email.errors.append( "Este correo electrónico ya está registradod") return False return True
def autor(part_id): result = {} result_interp = {} # _query author con = engine.connect() author_query = text( """SELECT * FROM public.pers_view WHERE part_id=:part_id AND estado = 'PUBLICADO'""" ) author = con.execute(author_query, part_id=part_id).first() if author is None: abort(404) result['comps'] = comp_autor_view(con, part_id) result_interp['comps'] = interp_autor_view(con, part_id) con.close() return render_template('main/autor.html', autor=author, result=result, result_interp=result_interp)
def validate(self): initial_validation = super(LoginForm, self).validate() if not initial_validation: return False con = engine.connect() user = current_user(con, self.email.data) con.close() if user is None: self.email.errors.append( "Este correo electrónico no está registrado") return False if user.prohibido: self.email.errors.append("Esta cuenta ha sido prohibida.") return False if not bcrypt.verify(str(self.password.data), user.contrasena): self.password.errors.append("Contraseña invalida") return False return True
def confirm_email(token): try: email = confirm_token(token) except: flash('El enlace de confirmación no es válido o ha caducado.', 'danger') con = engine.connect() init_session(con, email) if session['confirmed']: flash('Cuenta ya confirmada. Por favor Iniciar sesión.', 'success') else: confirm_user = text("""UPDATE public.usuario SET confirmado=TRUE , fecha_confirmado=now() WHERE usuario_id=:id""") con.execute(confirm_user, id=session['id']) session['confirmed'] = True flash('Has confirmado tu cuenta. ¡Gracias!', 'success') con.close() return redirect(url_for('user.perfil'))
def composicion(comp_id): result = {} con = engine.connect() # query composicion comp, autors = comp_view_query(con, comp_id) if comp is None: abort(404) result['pistas'] = pista_archivo_view(con, comp_id) query_idioma = text( """SELECT * FROM public.idioma_composicion ic JOIN public.idioma i ON ic.idioma_id = i.idioma_id WHERE composicion_id=:comp_id""") result['idiomas'] = con.execute(query_idioma, comp_id=comp_id) query_tema = text( """SELECT * FROM public.tema_composicion tc JOIN public.tema t ON t.tema_id = tc.tema_id WHERE composicion_id=:comp_id""") result['temas'] = con.execute(query_tema, comp_id=comp_id) con.close() return render_template('main/composicion.html', comp=comp, autors=autors, result=result)