Compare commits
3 commits
364dfb69b6
...
f4181ade07
Author | SHA1 | Date | |
---|---|---|---|
f4181ade07 | |||
f691e7534d | |||
ce009a278b |
3 changed files with 74 additions and 38 deletions
|
@ -3,7 +3,8 @@ from flask import Flask, render_template, render_template_string, request, make_
|
||||||
from flask_socketio import SocketIO, join_room, leave_room
|
from flask_socketio import SocketIO, join_room, leave_room
|
||||||
from flask_session import Session
|
from flask_session import Session
|
||||||
from markupsafe import escape
|
from markupsafe import escape
|
||||||
from .db import get_db, change_db
|
from Website.db import get_db
|
||||||
|
import Website.db as db
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
finished = None
|
finished = None
|
||||||
preis = 150 #Ein Getraenk
|
preis = 150 #Ein Getraenk
|
||||||
|
@ -63,7 +64,7 @@ def create_app(test_config=None):
|
||||||
c = db.cursor()
|
c = db.cursor()
|
||||||
c.execute("SELECT * FROM users")
|
c.execute("SELECT * FROM users")
|
||||||
users = c.fetchall()
|
users = c.fetchall()
|
||||||
return render_template("list.html", users=users, preis=preis/100)
|
return render_template("list.html", users=escape(users), preis=escape(preis/100))
|
||||||
|
|
||||||
@app.route("/transactionlist")
|
@app.route("/transactionlist")
|
||||||
def transactionlist():
|
def transactionlist():
|
||||||
|
@ -123,7 +124,7 @@ def create_app(test_config=None):
|
||||||
if user != None :
|
if user != None :
|
||||||
c.execute(f"SELECT * FROM tags WHERE userid={user[0]}")
|
c.execute(f"SELECT * FROM tags WHERE userid={user[0]}")
|
||||||
tags = c.fetchall()
|
tags = c.fetchall()
|
||||||
return render_template("user.html", user=user, tags=tags)
|
return render_template("user.html", user=escape(user), tags=escape(tags))
|
||||||
|
|
||||||
else:
|
else:
|
||||||
return render_template("error.html", error_code="043")
|
return render_template("error.html", error_code="043")
|
||||||
|
@ -141,9 +142,9 @@ def create_app(test_config=None):
|
||||||
user = c.fetchone()
|
user = c.fetchone()
|
||||||
if user != None:
|
if user != None:
|
||||||
user_name = user[1]
|
user_name = user[1]
|
||||||
change_db("removeuser", user_id=user_id, before=user_name)
|
db.remove_user(user_id)
|
||||||
socketio.emit("update", "update")
|
socketio.emit("update", "update")
|
||||||
return render_template("removeuser.html", user_name=user_name)
|
return render_template("removeuser.html", user_name=escape(user_name))
|
||||||
else:
|
else:
|
||||||
return render_template("error.html", error_code="043")
|
return render_template("error.html", error_code="043")
|
||||||
|
|
||||||
|
@ -156,7 +157,7 @@ def create_app(test_config=None):
|
||||||
return render_template("error.html", error_code="418")
|
return render_template("error.html", error_code="418")
|
||||||
c.execute("SELECT * FROM users WHERE username=?", [username])
|
c.execute("SELECT * FROM users WHERE username=?", [username])
|
||||||
if c.fetchall() == []:
|
if c.fetchall() == []:
|
||||||
change_db("adduser", after=username)
|
db.add_user(username)
|
||||||
socketio.emit("update", "update")
|
socketio.emit("update", "update")
|
||||||
c.execute(f"SELECT * FROM users WHERE username=?", [username])
|
c.execute(f"SELECT * FROM users WHERE username=?", [username])
|
||||||
user = c.fetchone()
|
user = c.fetchone()
|
||||||
|
@ -178,7 +179,7 @@ def create_app(test_config=None):
|
||||||
users = c.fetchall()
|
users = c.fetchall()
|
||||||
if users != []:
|
if users != []:
|
||||||
balance_old = users[0][2]
|
balance_old = users[0][2]
|
||||||
change_db("balance", change=change, user_id=user_id)
|
db.change_balance(user_id, change)
|
||||||
socketio.emit("update", "update")
|
socketio.emit("update", "update")
|
||||||
return render_template("redirect.html")
|
return render_template("redirect.html")
|
||||||
else:
|
else:
|
||||||
|
@ -193,7 +194,7 @@ def create_app(test_config=None):
|
||||||
session_id = uuid.uuid4()
|
session_id = uuid.uuid4()
|
||||||
session[id] = session_id
|
session[id] = session_id
|
||||||
user_queue.put([user_id, "add", session_id])
|
user_queue.put([user_id, "add", session_id])
|
||||||
return render_template("addtag.html", user=user_id)
|
return render_template("addtag.html", user=escape(user_id))
|
||||||
|
|
||||||
@socketio.on('addtag')
|
@socketio.on('addtag')
|
||||||
def request_addtag(data):
|
def request_addtag(data):
|
||||||
|
@ -234,16 +235,14 @@ def create_app(test_config=None):
|
||||||
session_id = uuid.uuid4()
|
session_id = uuid.uuid4()
|
||||||
session[id] = session_id
|
session[id] = session_id
|
||||||
user_queue.put([user_id, "remove", session_id])
|
user_queue.put([user_id, "remove", session_id])
|
||||||
return render_template("removetag.html", user=user_id)
|
return render_template("removetag.html", user=escape(user_id))
|
||||||
else:
|
else:
|
||||||
db = get_db()
|
db = get_db()
|
||||||
c = db.cursor()
|
c = db.cursor()
|
||||||
c.execute(f"SELECT * FROM tags WHERE (tagid = ? AND userid = ?)", [tag_id, user_id])
|
c.execute(f"SELECT * FROM tags WHERE (tagid = ? AND userid = ?)", [tag_id, user_id])
|
||||||
if c.fetchall != []:
|
if c.fetchall != []:
|
||||||
c.execute(f"DELETE FROM tags WHERE (tagid = ? AND userid = ?)", [tag_id, user_id])
|
db.remove_tag(tag_id)
|
||||||
db.commit()
|
|
||||||
message = f"Removed {tag_id} from user {user_id}"
|
message = f"Removed {tag_id} from user {user_id}"
|
||||||
log(type="removetag", userid=user_id, before=tag_id)
|
|
||||||
return render_template("redirect.html")
|
return render_template("redirect.html")
|
||||||
else:
|
else:
|
||||||
return render_template("error.html", error_code="054")
|
return render_template("error.html", error_code="054")
|
||||||
|
@ -289,7 +288,7 @@ def create_app(test_config=None):
|
||||||
change = int(request.args.get("change"))
|
change = int(request.args.get("change"))
|
||||||
except:
|
except:
|
||||||
change = preis
|
change = preis
|
||||||
change_db("balance", user_id=userid, change=change)
|
db.change_balance(user_id, change)
|
||||||
socketio.emit("update", "update")
|
socketio.emit("update", "update")
|
||||||
return make_response(json.dumps({"mode":"balance", "username":user[1], "balance":user_new[2]}))
|
return make_response(json.dumps({"mode":"balance", "username":user[1], "balance":user_new[2]}))
|
||||||
else:
|
else:
|
||||||
|
@ -337,7 +336,7 @@ def create_app(test_config=None):
|
||||||
finished = queue_item
|
finished = queue_item
|
||||||
return make_response(json.dumps({"mode":"error","error":"170"}))
|
return make_response(json.dumps({"mode":"error","error":"170"}))
|
||||||
else:
|
else:
|
||||||
change_db("addtag", after=tag_id, user_id=user_id)
|
db.add_tag(user_id, tag_id)
|
||||||
message = f"Added {tag_id} to {username}"
|
message = f"Added {tag_id} to {username}"
|
||||||
finished = queue_item
|
finished = queue_item
|
||||||
return make_response(json.dumps({"mode":"message","username":"{}".format(username),"message":"A tag was added"}))
|
return make_response(json.dumps({"mode":"message","username":"{}".format(username),"message":"A tag was added"}))
|
||||||
|
@ -364,7 +363,7 @@ def create_app(test_config=None):
|
||||||
if user_list != []:
|
if user_list != []:
|
||||||
balance_old = user_list[0][2]
|
balance_old = user_list[0][2]
|
||||||
if user_queue.qsize() == 0:
|
if user_queue.qsize() == 0:
|
||||||
change_db("balance", user_id=tag[1], change=preis)
|
db.change_balance(tag[1], preis)
|
||||||
c.execute(f"SELECT * FROM users WHERE id={tag[1]}")
|
c.execute(f"SELECT * FROM users WHERE id={tag[1]}")
|
||||||
user = c.fetchone()
|
user = c.fetchone()
|
||||||
socketio.emit("update", "update")
|
socketio.emit("update", "update")
|
||||||
|
@ -382,7 +381,20 @@ def create_app(test_config=None):
|
||||||
before = request.form["before"]
|
before = request.form["before"]
|
||||||
after = request.form["after"]
|
after = request.form["after"]
|
||||||
change = request.form["change"]
|
change = request.form["change"]
|
||||||
change_db(statement, user_id, before, after, change)
|
|
||||||
|
if statement == "adduser":
|
||||||
|
db.add_user(after)
|
||||||
|
elif statement == "removeuser":
|
||||||
|
db.remove_user(user_id)
|
||||||
|
elif statement == "addtag":
|
||||||
|
db.add_tag(user_id, after)
|
||||||
|
elif statement == "removetag":
|
||||||
|
db.remove_tag(befor)
|
||||||
|
elif statement == "balance":
|
||||||
|
db.change_balance(user_id, change)
|
||||||
|
else:
|
||||||
|
return make_response(json.dumps({"mode":"error", "error":"418"})) #Error code
|
||||||
|
|
||||||
socketio.emit("update", "update")
|
socketio.emit("update", "update")
|
||||||
return render_template("index.html")
|
return render_template("index.html")
|
||||||
|
|
||||||
|
@ -391,4 +403,5 @@ def create_app(test_config=None):
|
||||||
def documentation():
|
def documentation():
|
||||||
return render_template("documentation.html")
|
return render_template("documentation.html")
|
||||||
|
|
||||||
|
|
||||||
return {"app":app,"socketio":socketio}
|
return {"app":app,"socketio":socketio}
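Review bot: Wrapping whole query results in `escape()` in the `render_template` calls (`users=escape(users)`, `user=escape(user)`, `tags=escape(tags)`) converts the list or row into one escaped string of its repr, so a template that loops over `users` or indexes `user[1]` would receive characters instead of rows. Flask already autoescapes `.html` templates rendered through `render_template` by default, so passing the raw values (`users=users, preis=preis/100`) keeps the output encoded without changing their type. Separately, in the remove-tag hunk the local `db = get_db()` shadows the new `import Website.db as db`, so `db.remove_tag(tag_id)` is looked up on the object returned by `get_db()` rather than on the module. Binding that object to another name, such as `conn = get_db()`, avoids this, and the same likely applies to other handlers that assign `db` locally (their bodies start outside the hunks). The dispatch hunk also calls `db.remove_tag(befor)`, where `befor` is not defined in the visible lines; `db.remove_tag(before)` looks intended.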
|
||||||
|
|
|
@ -10,24 +10,47 @@ def log(statement, user_id, before, after, change):
|
||||||
c.execute("INSERT INTO transaction_log (timestamp, type, user_id, before, after, change) VALUES (?, ?, ?, ?, ?, ?)", [datetime.now(), statement, user_id, before, after, change])
|
c.execute("INSERT INTO transaction_log (timestamp, type, user_id, before, after, change) VALUES (?, ?, ?, ?, ?, ?)", [datetime.now(), statement, user_id, before, after, change])
|
||||||
db.commit()
|
db.commit()
|
||||||
|
|
||||||
def change_db(statement, user_id=None, before=None, after=None, change=None):
|
def add_user(after):
|
||||||
db = get_db()
|
db = get_db()
|
||||||
c = db.cursor()
|
c = db.cursor()
|
||||||
if statement == "adduser" and after != None:
|
c.execute("INSERT or IGNORE INTO users (username, balance) VALUES (?, 0)", [after])
|
||||||
c.execute("INSERT or IGNORE INTO users (username, balance) VALUES (?, 0)", [after])
|
user_id = c.lastrowid
|
||||||
user_id = c.lastrowid
|
log("add_user", user_id=user_id, after=after)
|
||||||
elif statement == "removeuser" and user_id != None and before != None:
|
db.commit()
|
||||||
c.execute("DELETE FROM tags WHERE userid=?", [user_id])
|
|
||||||
c.execute("DELETE FROM users WHERE id=?", [user_id])
|
def remove_user(user_id):
|
||||||
elif statement == "addtag" and after != None and user_id != None:
|
db = get_db()
|
||||||
c.execute("INSERT OR IGNORE INTO tags (tagid, userid) VALUES ?, ?)", [after, user_id])
|
c = db.cursor()
|
||||||
elif statement == "removetag" and before != None and user_id != None:
|
c.execute("SELECT * FROM users WHERE id = ?", [user_id])
|
||||||
c.execute("DELETE FROM tags WHERE (tagid = ? AND userid = ?)", [before, user_id])
|
user_name = c.fetchone()[1]
|
||||||
elif statement == "balance" and change != None and user_id != None:
|
c.execute("SELECT * FROM tags WHERE userid = ?", [user_id])
|
||||||
c.execute("UPDATE users SET balance = balance + ? WHERE id=?", [change, user_id])
|
for tag in c.fetchall():
|
||||||
else:
|
remove_tag(tag[0])
|
||||||
raise Exception("wrong or missing argument for change_db")
|
c.execute("DELETE FROM users WHERE id = ?", [user_id])
|
||||||
log(statement, user_id, before, after, change)
|
log("remove_user", user_id=user_id, before=user_name)
|
||||||
|
db.commit()
|
||||||
|
|
||||||
|
def add_tag(user_id, tag_id):
|
||||||
|
db = get_db()
|
||||||
|
c = db.cursor()
|
||||||
|
c.execute("INSERT OR IGNORE INTO tags (tagid, userid) VALUES ?, ?)", [tag_id, user_id])
|
||||||
|
db.commit()
|
||||||
|
log("addtag", after=tag_id, user_id=user_id)
|
||||||
|
|
||||||
|
def remove_tag(tag_id):
|
||||||
|
db = get_db()
|
||||||
|
c = db.cursor()
|
||||||
|
c.execute("SELECT * FROM tags WHERE tagid = ?", [tag_id])
|
||||||
|
user_id = c.fetchone()[1]
|
||||||
|
c.execute("DELETE FROM tags WHERE tagid = ?", [tag_id])
|
||||||
|
log("removetag", before=tag_id, user_id=user_id)
|
||||||
|
db.commit()
|
||||||
|
|
||||||
|
def change_balance(user_id, change):
|
||||||
|
db = get_db()
|
||||||
|
c = db.cursor()
|
||||||
|
c.execute("UPDATE users SET balance = balance + ? WHERE id=?", [change, user_id])
|
||||||
|
log("balance", user_id=user_id, change=change)
|
||||||
db.commit()
|
db.commit()
|
||||||
|
|
||||||
def get_db():
|
def get_db():
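Review bot: The new helpers call `log(...)` with only some keyword arguments, for example `log("add_user", user_id=user_id, after=after)`, but the hunk header shows `def log(statement, user_id, before, after, change)` with no defaults, so each call would raise TypeError unless the definition outside this hunk has changed. Giving the parameters defaults, `def log(statement, user_id=None, before=None, after=None, change=None):`, would let the transaction-log writes succeed. In `add_tag` the statement `VALUES ?, ?)` is missing its opening parenthesis and should read `VALUES (?, ?)`. `remove_tag` and `remove_user` index `c.fetchone()[1]` without checking for `None`, so an unknown id fails with TypeError instead of a handled error. `remove_tag` also now deletes by `tagid` alone where the replaced statement matched `userid` as well, so it is worth confirming that tag ids are unique across users or passing the owner id through.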
|
||||||
|
|
|
@ -23,14 +23,14 @@ def test_index(client):
|
||||||
|
|
||||||
#/adduser
|
#/adduser
|
||||||
def test_adduser(client):
|
def test_adduser(client):
|
||||||
response = client.get('/adduser/user')
|
response = client.post('/adduser/user', data={})
|
||||||
assert "418" in response.data.decode('utf-8')
|
assert "418" in response.data.decode('utf-8')
|
||||||
|
|
||||||
def test_adduser_new(app, client):
|
def test_adduser_new(app, client):
|
||||||
with app.app_context():
|
with app.app_context():
|
||||||
db = get_db()
|
db = get_db()
|
||||||
assert db is get_db()
|
assert db is get_db()
|
||||||
response = client.get('/adduser/user?username=test')
|
response = client.post('/adduser/user', data={user_name:"test"})
|
||||||
c = db.cursor()
|
c = db.cursor()
|
||||||
c.execute("SELECT * FROM users WHERE username = ?", ["test"])
|
c.execute("SELECT * FROM users WHERE username = ?", ["test"])
|
||||||
data = c.fetchone()
|
data = c.fetchone()
|
||||||
|
@ -40,7 +40,7 @@ def test_adduser_new(app, client):
|
||||||
assert data[2] == 0
|
assert data[2] == 0
|
||||||
|
|
||||||
def test_adduser_allreadyexists(client):
|
def test_adduser_allreadyexists(client):
|
||||||
response = client.get('/adduser/user?username=test')
|
response = client.post('/adduser/user', data={username:"test"})
|
||||||
assert "Error: 757" in response.data.decode('utf-8')
|
assert "Error: 757" in response.data.decode('utf-8')
|
||||||
|
|
||||||
#/addtag
|
#/addtag
|
||||||
|
@ -49,7 +49,7 @@ def test_addtag(client):
|
||||||
assert response.data.decode('utf-8') == "Error: 095"
|
assert response.data.decode('utf-8') == "Error: 095"
|
||||||
|
|
||||||
def test_addtag_userid_nan(client):
|
def test_addtag_userid_nan(client):
|
||||||
response = client.get('/addtag?id=test')
|
response = client.post('/addtag', data={id:1})
|
||||||
assert response.data.decode('utf-8') == "Error: 095"
|
assert response.data.decode('utf-8') == "Error: 095"
|
||||||
|
|
||||||
def test_add_tag_direktli(app):
|
def test_add_tag_direktli(app):
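Review bot: The new `data=` dictionaries use bare names as keys (`{user_name:"test"}`, `{username:"test"}`, `{id:1}`), so unless those names are defined elsewhere in the test module the first two raise NameError and `id` resolves to the builtin function rather than a form field named "id". Quoting the keys, e.g. `data={"username": "test"}`, sends the intended fields, and the two adduser tests should agree on one field name. `test_addtag_userid_nan` now posts the number `1`, which no longer exercises the non-numeric id the test name describes; `data={"id": "test"}` keeps the original case.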
|
||||||
|
|