Commits

Wang Dingwei committed 47d2d1e

login support

Comments (0)

Files changed (9)

 *.log
 *~
 *.swp
+*.rar
+*.zip
 dist
+uploads
 TESTDIR
 OIE_LISTS
 OrderBackup
 # -*- encoding=utf-8 -*-
 
 from flask import Flask, request, url_for, redirect, render_template, abort, \
-                  flash, g
+                  flash, g, send_from_directory, session
 
 from flaskext.sqlalchemy import SQLAlchemy
+from flaskext.uploads import (UploadSet, configure_uploads, 
+                              UploadNotAllowed)
 
 import datetime
 from collections import defaultdict
 # app.config.from_object('settings.ProductionConfig')
 
 db = SQLAlchemy(app)
-
+atts = UploadSet('files')
+configure_uploads(app, atts)
 
 class Rule(db.Model):
     __tablename__ = 'rules'
     name = db.Column(db.String(32))
     desc = db.Column(db.String(256))
     action = db.Column(db.String(256))
+    attname = db.Column(db.String(256))
 
-    def __init__(self, name, desc, action):
+    def __init__(self, name, desc, action, attname):
         self.name = name
         self.desc = desc
         self.action = action
+        self.attname = attname
 
 
 class Order(db.Model):
     else:
         raise TypeError("Unknown input type %s" % type(obj))
 
+
 @app.route('/')
 def default_view():
     "The default query method is by line"
     return render_template('index.html')
 
 
+@app.route('/login', methods=['GET', 'POST'])
+def login():
+    error = None
+    if request.method == 'POST':
+        if request.form['username'] != app.config['USERNAME']:
+            error = 'Invalid username'
+        elif request.form['password'] != app.config['PASSWORD']:
+            error = 'Invalid password'
+        else:
+            session['logged_in'] = True
+            flash('You were logged in')
+            return redirect(url_for('default_view'))
+    return render_template('login.html', error=error)
+
+
+@app.route('/logout')
+def logout():
+    session.pop('logged_in', None)
+    flash('You were logged out')
+    return redirect(url_for('default_view'))
+
+
 @app.route('/result/', methods=['GET', 'POST'])
 def get_result():
     if request.method == 'POST':
         name = request.form['rule_name']
         desc = request.form['rule_desc']
         action = request.form['rule_action']
+        fs = request.files['attachment']
+        filename = atts.save(fs) if fs.filename else ""
+
         this_rule = Rule.query.filter(Rule.name==name).filter(Rule.desc==desc).first()
-        if not this_rule:
-            db.session.add(Rule(name, desc, action))
+        if this_rule:
+            this_rule.action = action
+            if filename:
+                this_rule.attname = filename
         else:
-            this_rule.action = action
+            db.session.add(Rule(name, desc, action, filename))
         db.session.commit()
+
     rules = Rule.query.all()
     return render_template('rules.html', rules=rules)
 
     return render_template('rule.html', rule=result)
 
 
+@app.route('/uploads/<attname>')
+def push_file(attname):
+    return send_from_directory(app.config['UPLOADED_FILES_DEST'], attname)
+
 if __name__ == '__main__':
     db.create_all()
     app.run()
     TESTING = False
     SQLALCHEMY_DATABASE_URI = 'sqlite:///F:\\Projects\\orderfilter\\test.db'
     SECRET_KEY = 'development'
-
+    UPLOADED_FILES_DEST = "uploads"
+    UPLOADED_FILES_ALLOW = ('doc', 'docx', 'ppt', 'pptx', 'msg', 'txt')
+    USERNAME = 'admin'
+    PASSWORD = 'ndk800'
+    
 class ProductionConfig(Config):
     pass
 
 }
 
 #footer a{
-    color: #FFFF80;
+    color: #808080;
 }
 
 .innertube{

templates/404.html

     404 -- Page Not Found
 {% endblock %}
 {% block body %}
-<p> You've come to the wrong place. </p>
-{% endblock %}
+<p> The item you requested does not exist on our server. </p>
+<p> Or you've come to the wrong place. </p>
+{% endblock %}

templates/layout.html

             </div>
 
             <div id="footer">
+                {% if not session.logged_in %}
+                <a href="{{ url_for('login') }}">log in</a>
+                {% else %}
+                You are logged in. <a href="{{ url_for('logout') }}">log out</a>
+                {% endif %}<br>
+                
                 OQS &mdash; Created by ME6900 TE, &copy;Wistron 2011
             </div>
 

templates/login.html

+{% extends "layout.html" %}
+{% block body %}
+  <h2>Login</h2>
+  {% if error %}<p class=error><strong>Error:</strong> {{ error }}{% endif %}
+  <form action="{{ url_for('login') }}" method=post>
+    <dl>
+      <dt>Username:
+      <dd><input type=text name=username>
+      <dt>Password:
+      <dd><input type=password name=password>
+      <dd><input type=submit value=Login>
+    </dl>
+  </form>
+{% endblock %}
+

templates/rule.html

 {% block body %}
 <h2>Edit rule</h2>
 
-<form action="/rules/" method="POST">
-    <p>Name: <input type="text" readonly="readonly" name="rule_name" value="{{
-    rule.name }}" /></p>
-    Description:<br>
-    <textarea name="rule_desc" cols=40 rows=4 readonly="readonly">{{ rule.desc }}</textarea><p>
-    Action:<br>
-    <textarea name="rule_action" cols=40 rows=4>{{ rule.action }}</textarea>
-    <input type="submit" value="Submit">
+{% if session.logged_in %}
+<form action="/rules/" method="POST" enctype="multipart/form-data">
+    <dl>
+        <dt>Name: 
+        <dd><input type="text" readonly="readonly" name="rule_name" value="{{ rule.name }}" /><p>
+        <dt>Description:
+        <dd><textarea name="rule_desc" cols=40 rows=4 readonly="readonly">{{ rule.desc }}</textarea><p>
+        <dt>Action:
+        <dd><textarea name="rule_action" cols=40 rows=4>{{ rule.action }}</textarea><p>
+        <dt>Attachment: 
+        <dd><input type="file" name="attachment">
+        <dd><input type="submit" value="Submit">
+    </dl>
 </form>
+{% else %}
+<p>Only admin can edit rules. Please <a href="{{ url_for('login')}}">login</a> first.</p> 
+{% endif %}
 
 {% endblock %}

templates/rules.html

 {% block body %}
 <h2>Rules</h2>
 <table class="unit_info">
-    <tr><th>ID</th><th>Name</th><th>Description</th><th>Action</th></tr>
+    <tr><th>ID</th><th>Name</th><th>Description</th><th>Action</th><th>Attachment</th></tr>
     {% for rule in rules %}
     <tr><td>{{rule.id}}</td>
         <td><a href="/rules/{{ rule.id }}">{{ rule.name }}</a></td>
         <td>{{ rule.desc }}</td>
-        <td>{{ rule.action }}</td></tr>
+        <td>{{ rule.action }}</td>
+        <td>{% if rule.attname %}
+            <a href=/uploads/{{rule.attname}}>{{ rule.attname }}</a>
+            {% else %}
+            N/A
+            {% endif %}</td>
+    </tr>
     {% endfor %}
 </table>