tetalab
/
stock
17
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
stock/tetastock.py

712 lines
25 KiB
Python
Executable File
Raw Blame History

#!/usr/bin/env python
# -*- coding: utf-8
import os
import datetime
import bcrypt
import binascii
import math
import psycopg2
from flask import Flask, request, session, g, redirect, url_for, abort, render_template, flash
from flask_sqlalchemy import SQLAlchemy
from functools import wraps
########################################################################
# App settings
########################################################################
app = Flask(__name__)
app.config.from_pyfile('config.py')
app.secret_key = '446307a5f61c2bb810436b2ee0f903f2'
app.debug = True
app.static_url_path='/static'
db = SQLAlchemy(app)
########################################################################
# Database
########################################################################
class Stock_users(db.Model):
id = db.Column(db.Integer, primary_key=True)
mail = db.Column(db.Text, nullable=False)
password = db.Column(db.Text, nullable=False)
name = db.Column(db.Text, nullable=False)
class Stock_componants(db.Model):
id = db.Column(db.Integer, primary_key=True)
reference = db.Column(db.Text, nullable=False)
designation = db.Column(db.Text, nullable=False)
last_price = db.Column(db.Float)
mean_price = db.Column(db.Float)
quantity = db.Column(db.Integer)
min_quantity = db.Column(db.Integer)
place = db.Column(db.Text, nullable=False)
provider_id = db.Column(db.Integer, nullable=False)
class Stock_providers(db.Model):
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.Text, nullable=False)
address = db.Column(db.Text)
mail = db.Column(db.Text)
url = db.Column(db.Text)
comment = db.Column(db.Text)
class Stock_kits(db.Model):
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.Text, nullable=False)
designation = db.Column(db.Text, nullable=False)
class Stock_kit_compositions(db.Model):
id = db.Column(db.Integer, primary_key=True)
kit_id = db.Column(db.Integer, db.ForeignKey('Stock_kits.id'), nullable=False)
componant_id = db.Column(db.Integer, db.ForeignKey('Stock_componants.id'), nullable=False)
quantity = db.Column(db.Integer, nullable=False)
price = db.Column(db.Integer, nullable=False)
class Stock_orders(db.Model):
id = db.Column(db.Integer, primary_key=True)
componant_id = db.Column(db.Integer, db.ForeignKey('Stock_componants.id'))
componant_quantity = db.Column(db.Integer, nullable=False)
date = db.Column(db.DateTime, nullable=False, default=datetime.datetime.utcnow)
injected = db.Column(db.Boolean, nullable=False, default=False)
def sync_cookies(response, session):
""" Sync cookies from session """
for key in session:
response.set_cookie(key, value=str(session[key]))
if key != u'session':
print '[c]', key, session[key]
def sync_session(request, session, offset_reset):
""" Sync session with cookies"""
for key in request.cookies:
try:
old = str(session[key])
session[key] = int(str(request.cookies[key].encode('utf8')))
except ValueError:
# Value is not an int, will be treated as string
session[key] = str(request.cookies[key].encode('utf8'))
except KeyError:
# Key does not exist in session
try:
session[key] = int(str(request.cookies[key].encode('utf8')))
except ValueError:
# Value is not an int, will be treated as string
session[key] = str(request.cookies[key].encode('utf8'))
if key in offset_reset and len(str(session[key])) > 0 and old != str(session[key]):
session['c_offset'] = 0
session['p_offset'] = 0
session['k_offset'] = 0
if key != u'session':
print '[s]', key, request.cookies[key]
def check_user(request, session):
""" Check user credentials """
if session['token'] and request.cookies['token']:
if len(session['token']) > 0 and len(request.cookies['token']) > 0:
if session['token'] == request.cookies['token']:
return True
return False
if 'login' not in request.cookies or 'password' not in request.cookies:
return False
if request.cookies['login'] and request.cookies['password']:
if request.cookies['login'] > 0 and request.cookies['password'] > 0:
hashed = Stock_users.query.filter_by(mail=request.cookies['login']).with_entities(Stock_users.password).first()
if hashed is None:
# User is unknown
return False
password = request.cookies['password'].encode('utf8')
hashed = hashed[0].encode('utf8')
if bcrypt.checkpw(password, hashed):
session['password'] = ''
session['login'] = ''
session['token'] = binascii.hexlify(os.urandom(42))
return True
# Password mismatch
return False
def resume_session(func):
@wraps(func)
def check(*args, **kwargs):
# Motherfuckin' bunch of defaults values
empty=u''
limit = 10
offset = 0
page = 1
nexthop = offset + limit
prevhop = offset
order = u'asc'
order_refresh = 0
c_sort = u'reference'
c_provider = 0
c_count = 0
p_sort = u'name'
p_count = 0
k_sort = u'name'
k_count = 0
offset_reset = [u'c_reference', u'c_designation', u'c_place',
u'c_provider', u'p_name', u'p_address', u'p_mail', u'p_url',
u'k_name', u'k_designation']
if not u'token' in session:
session[u'token'] = empty
if not u'password' in session:
session[u'password'] = empty
if not u'login' in session:
session[u'login'] = empty
if not u'session' in session:
session[u'session'] = empty
if not u'c_limit' in session:
session[u'c_limit'] = limit
if not u'c_offest' in session:
session[u'c_offset'] = offset
if not u'c_sort' in session:
session['c_sort'] = c_sort
if not u'c_order' in session:
session[u'c_order'] = order
if not u'c_order_refresh' in session:
session[u'c_order_refresh'] = order_refresh
if not u'c_page' in session:
session[u'c_page'] = page
if not u'c_nexthop' in session:
session[u'c_nexthop'] = nexthop
if not u'c_prevhop' in session:
session['c_prevhop'] = prevhop
if not u'c_reference' in session:
session[u'c_reference'] = empty
if not u'c_designation' in session:
session[u'c_designation'] = empty
if not u'c_place' in session:
session[u'c_place'] = empty
if not u'c_provider' in session:
session[u'c_provider'] = c_provider
if not u'c_count' in session:
session[u'c_count'] = c_count
if not u'p_sort' in session:
session[u'p_sort'] = p_sort
if not u'p_order' in session:
session[u'p_order'] = order
if not u'p_order_refresh' in session:
session[u'p_order_refresh'] = order_refresh
if not u'p_page' in session:
session[u'p_page'] = page
if not u'p_nexthop' in session:
session[u'p_nexthop'] = nexthop
if not u'p_prevhop' in session:
session[u'p_prevhop'] = prevhop
if not u'p_offset' in session:
session[u'p_offset'] = offset
if not u'p_limit' in session:
session[u'p_limit'] = limit
if not u'p_name' in session:
session[u'p_name'] = empty
if not u'p_address' in session:
session[u'p_address'] = empty
if not u'p_mail' in session:
session[u'p_mail'] = empty
if not u'p_url' in session:
session[u'p_url'] = empty
if not u'p_comment' in session:
session[u'p_comment'] = empty
if not u'p_count' in session:
session['p_count'] = p_count
if not u'k_sort' in session:
session[u'k_sort'] = k_sort
if not u'k_order' in session:
session[u'k_order'] = order
if not u'k_order_refresh' in session:
session[u'k_order_refresh'] = order_refresh
if not u'k_page' in session:
session[u'k_page'] = page
if not u'k_nexthop' in session:
session[u'k_nexthop'] = nexthop
if not u'k_prevhop' in session:
session[u'k_prevhop'] = prevhop
if not u'k_offset' in session:
session[u'k_offset'] = offset
if not u'k_limit' in session:
session[u'k_limit'] = limit
if not u'k_name' in session:
session[u'k_name'] = empty
if not u'k_address' in session:
session[u'k_address'] = empty
if not u'k_mail' in session:
session[u'k_mail'] = empty
if not u'k_url' in session:
session[u'k_url'] = empty
if not u'k_designation' in session:
session[u'k_designation'] = empty
if not u'k_count' in session:
session[u'k_count'] = k_count
# Cookies/session sync
sync_session(request, session, offset_reset)
# Switch sort order
refresh = {u'desc': u'asc', u'asc': u'desc'}
if session[u'c_order_refresh'] == 1:
session[u'c_order'] = refresh[session[u'c_order']]
session[u'c_order_refresh'] = 0
if session[u'p_order_refresh'] == 1:
session[u'p_order'] = refresh[session[u'p_order']]
session[u'p_order_refresh'] = 0
if session[u'k_order_refresh'] == 1:
session[u'k_order'] = refresh[session[u'k_order']]
session[u'k_order_refresh'] = 0
# Check for valid session
if not check_user(request, session):
# User is not logged in, send him back to login page
return render_template('login.html')
# Everything's fine
return func(*args, **kwargs)
return check
########################################################################
# Routes
########################################################################
@app.errorhandler(404)
def page_not_found(e):
return render_template('error.html'), 404
@app.route("/", methods=['GET', 'POST'])
@resume_session
def authenticate():
response = app.make_response(render_template('index.html'))
sync_cookies(response, session)
return response
########################################################################
# Componants
########################################################################
@app.route('/componants', methods=['GET', 'POST'])
@resume_session
def componants():
""" Main page """
providers = Stock_providers.query.order_by(Stock_providers.id).all()
return render_template('componants.html',
providers=providers,
reference=session[u'c_reference'].decode('utf8'),
designation=session[u'c_designation'].decode('utf8'),
place=session[u'c_place'].decode('utf8'),
provider_id=session[u'c_provider'])
@app.route('/componants/<componant_id>')
@resume_session
def get_componant(componant_id):
""" Edit componant """
try:
componant_id = int(componant_id)
except ValueError as e:
return render_template('error.html'), 404
componant = Stock_componants.query.filter_by(id=componant_id).first()
if componant:
providers = Stock_providers.query.order_by(Stock_providers.name).all()
provider = componant.provider_id
provider = Stock_providers.query.filter_by(id=provider).first()
return render_template('componant.html', componant=componant, providers=providers, provider=provider)
return render_template('error.html'), 404
@app.route('/componants/update/<componant_id>', methods=['POST'])
@resume_session
def update_componant(componant_id):
""" Update componant field"""
field = request.form['field']
value = request.form['value']
if field and value:
try:
componant = Stock_componants.query.filter_by(id=componant_id).first()
setattr(componant, field, value)
commit = db.session.commit()
if commit == None:
return 'OK'
except Exception as e:
pass
return 'KO'
@app.route('/componants/delete/<componant_id>')
@resume_session
def delete_componant(componant_id):
""" Delete componant """
try:
componant_id = int(componant_id)
Stock_componants.query.filter_by(id=componant_id).delete()
db.session.commit()
except ValueError as e:
return render_template('error.html'), 404
except Exception as e:
print "[+] Error at delete_componant:"
print "------------------------------"
print "%s" % e.message
print "------------------------------"
return componants()
@app.route('/componants/new', methods=['POST'])
@resume_session
def new_componant():
""" Add componant """
componant = Stock_componants(reference=session[u'c_reference'].decode('utf8'),
designation=session[u'c_designation'].decode('utf8'),
last_price=0,
mean_price=0,
quantity=0,
min_quantity=0,
place=session[u'c_place'].decode('utf8'),
provider_id=session[u'c_provider'])
try:
db.session.add(componant)
commit = db.session.commit()
except Exception as e:
print "[+] Error at new_componant:"
print "------------------------------"
print "%s" % e.message
print "------------------------------"
return 'KO'
if commit != None:
return 'KO'
return 'OK'
@app.route('/componants/in/<componant_id>')
@resume_session
def in_componants():
""" Incoming order """
return render_template('wip.html')
@app.route('/componants/out/<componant_id>')
@resume_session
def out_componants():
""" Outgoing order """
return render_template('wip.html')
## Componants update result set
@app.route('/componants/update', methods=['POST'])
@resume_session
def update_componants():
""" Display componants list """
# search by reference
like = '%s%s%s' % ('%', str(session[u'c_reference']), '%')
componants = Stock_componants.query.filter(Stock_componants.reference.like(like))
# search by designation
like = '%s%s%s' % ('%', str(session[u'c_designation']), '%')
componants = componants.filter(Stock_componants.designation.like(like))
# search by place
like = '%s%s%s' % ('%', str(session[u'c_place']),'%')
componants = componants.filter(Stock_componants.place.like(like))
# search by provider
if session['c_provider'] > 1:
componants = componants.filter_by(provider_id=session[u'c_provider'])
# Pages calculation
session[u'c_count'] = componants.count()
session[u'c_pagecount'] = int(math.ceil(session[u'c_count'] / float(session[u'c_limit'])))
session[u'c_page'] = int(math.ceil(float(float(session[u'c_offset']) + 1) / float(session[u'c_limit'])))
if session[u'c_page'] > session[u'c_pagecount']:
session[u'c_page'] = session[u'c_pagecount']
session[u'c_offset'] = 0
session[u'c_nexthop'] = session[u'c_offset'] + session[u'c_limit']
if session[u'c_nexthop'] > session[u'c_count'] - 1:
session[u'c_nexthop'] = int(session[u'c_offset'])
session[u'c_prevhop'] = int(session[u'c_offset']) - session[u'c_limit']
if session[u'c_prevhop'] < 0:
session[u'c_prevhop'] = 0
# Sorting
sort = getattr(Stock_componants, session[u'c_sort'])
if session[u'c_order'] == u'desc':
sort = getattr(Stock_componants, session[u'c_sort']).desc()
componants = componants.order_by(sort)
# Applying offset
componants = componants.offset(session[u'c_offset'])
# Applying limit
componants = componants.limit(session[u'c_limit'])
# Get result
componants = componants.all()
response = app.make_response(render_template('result_componants.html',
componants=componants,
offset=session[u'c_offset'] ,
nexthop=session[u'c_nexthop'],
prevhop=session[u'c_prevhop'],
page_count=session[u'c_pagecount'],
page=session[u'c_page'],
sort=session[u'c_sort'].decode('utf8'),
order=session[u'c_order'].decode('utf8'),
row_count=session[u'c_count']))
sync_cookies(response, session)
return response
########################################################################
# Providers
########################################################################
@app.route('/providers', methods=['GET', 'POST'])
@resume_session
def providers():
return render_template('providers.html',
name=session[u'p_name'].decode('utf8'),
address=session[u'p_address'].decode('utf8'),
mail=session[u'p_mail'].decode('utf8'),
url=session[u'p_url'].decode('utf8'),
comment=session[u'p_comment'].decode('utf8'))
@app.route('/providers/<provider_id>')
@resume_session
def get_provider(provider_id):
""" Edit provider """
try:
provider_id = int(provider_id)
except ValueError as e:
return render_template('error.html'), 404
provider = Stock_providers.query.filter_by(id=provider_id).first()
if provider:
return render_template('provider.html', provider=provider)
return render_template('error.html'), 404
@app.route('/providers/update/<provider_id>', methods=['POST'])
@resume_session
def update_provider(provider_id):
""" Update provider field"""
field = request.form['field']
value = request.form['value']
if field and value:
try:
provider = Stock_providers.query.filter_by(id=provider_id).first()
setattr(provider, field, value)
commit = db.session.commit()
if commit == None:
return 'OK'
except Exception as e:
pass
return 'KO'
@app.route('/providers/new', methods=['POST'])
@resume_session
def new_provider():
""" Add provider """
provider = Stock_providers(name=session[u'p_name'].decode('utf8'),
address=session[u'p_address'].decode('utf8'),
mail=session[u'p_mail'].decode('utf8'),
url=session[u'p_url'].decode('utf8'),
comment=session[u'p_comment'].decode('utf8'))
try:
db.session.add(provider)
commit = db.session.commit()
except Exception as e:
print "[+] Error at new_provider:"
print "------------------------------"
print "%s" % e.message
print "------------------------------"
return 'KO'
if commit != None:
return 'KO'
return 'OK'
@app.route('/providers/delete/<provider_id>')
@resume_session
def delete_provider(provider_id):
""" Delete provider """
try:
provider_id = int(provider_id)
Stock_providers.query.filter_by(id=provider_id).delete()
db.session.commit()
except ValueError as e:
return render_template('error.html'), 404
except Exception as e:
print "[+] Error at delete_provider:"
print "------------------------------"
print "%s" % e.message
print "------------------------------"
return providers()
@app.route('/providers/update', methods=['POST'])
@resume_session
def search_providers():
""" Display componants list """
# search by reference
like = '%s%s%s' % ('%', str(session[u'p_name']), '%')
providers = Stock_providers.query.filter(Stock_providers.name.like(like))
# search by address
like = '%s%s%s' % ('%', str(session[u'p_address']), '%')
providers = providers.filter(Stock_providers.address.like(like))
# search by place
like = '%s%s%s' % ('%', str(session[u'p_mail']),'%')
providers = providers.filter(Stock_providers.mail.like(like))
# search by place
like = '%s%s%s' % ('%', str(session[u'p_url']),'%')
providers = providers.filter(Stock_providers.url.like(like))
# search by place
like = '%s%s%s' % ('%', str(session[u'p_comment']),'%')
providers = providers.filter(Stock_providers.comment.like(like))
# Don't take 'all' and 'none' entry
providers = providers.filter(Stock_providers.id > 2)
# Pages calculation
session[u'p_count'] = providers.count()
session[u'p_pagecount'] = int(math.ceil(session[u'p_count'] / float(session[u'p_limit'])))
session[u'p_page'] = int(math.ceil(float(float(session[u'p_offset']) + 1) / float(session[u'p_limit'])))
if session[u'p_page'] > session[u'p_pagecount']:
session[u'p_page'] = session[u'p_pagecount']
session[u'p_offset'] = 0
session[u'p_nexthop'] = session[u'p_offset'] + session[u'p_limit']
if session[u'p_nexthop'] > session[u'p_count'] - 1:
session[u'p_nexthop'] = int(session[u'p_offset'])
session[u'p_prevhop'] = int(session[u'p_offset']) - session[u'p_limit']
if session[u'p_prevhop'] < 0:
session[u'p_prevhop'] = 0
# Sorting
sort = getattr(Stock_providers, session[u'p_sort'])
if session[u'p_order'] == u'desc':
sort = getattr(Stock_providers, session[u'p_sort']).desc()
providers = providers.order_by(sort)
# Applying offset
providers = providers.offset(session[u'p_offset'])
# Applying limit
providers = providers.limit(session[u'p_limit'])
# Get result
providers = providers.all()
response = app.make_response(render_template('result_providers.html',
providers=providers,
offset=session[u'p_offset'] ,
nexthop=session[u'p_nexthop'],
prevhop=session[u'p_prevhop'],
page_count=session[u'p_pagecount'],
page=session[u'p_page'],
sort=session[u'p_sort'].decode('utf8'),
order=session[u'p_order'].decode('utf8'),
row_count=session[u'p_count']))
sync_cookies(response, session)
return response
########################################################################
# Kits
########################################################################
@app.route('/kits', methods=['GET', 'POST'])
@resume_session
def kits():
return render_template('kits.html',
name=session[u'k_name'].decode('utf8'),
designation=session[u'k_designation'].decode('utf8'))
@app.route('/kits/<kit_id>')
@resume_session
def get_kit(kit_id):
""" Edit kit """
try:
kit_id = int(kit_id)
except ValueError as e:
return render_template('error.html'), 404
kit = Stock_kits.query.filter_by(id=kit_id).first()
if kit:
return render_template('kit.html', kit=kit)
return render_template('error.html'), 404
@app.route('/kits/update/<kit_id>', methods=['POST'])
@resume_session
def update_kit(kit_id):
""" Update kit field"""
field = request.form['field']
value = request.form['value']
if field and value:
try:
kit = Stock_kits.query.filter_by(id=kit_id).first()
setattr(kit, field, value)
commit = db.session.commit()
if commit == None:
return 'OK'
except Exception as e:
pass
return 'KO'
@app.route('/kits/new', methods=['POST'])
@resume_session
def new_kit():
""" Add kit """
kit = Stock_kits(name=session[u'k_name'].decode('utf8'),
designation=session[u'k_designation'].decode('utf8'))
try:
db.session.add(kit)
commit = db.session.commit()
except Exception as e:
print "[+] Error at new_kit:"
print "------------------------------"
print "%s" % e.message
print "------------------------------"
return 'KO'
if commit != None:
return 'KO'
return 'OK'
@app.route('/kits/delete/<kit_id>')
@resume_session
def delete_kit(kit_id):
""" Delete kit """
try:
kit_id = int(kit_id)
Stock_kit_compositions.query.filter_by(kit_id=kit_id).delete()
Stock_kits.query.filter_by(id=kit_id).delete()
db.session.commit()
except ValueError as e:
return render_template('error.html'), 404
except Exception as e:
print "[+] Error at delete_kit:"
print "------------------------------"
print "%s" % e.message
print "------------------------------"
return kits()
@app.route('/kits/update', methods=['POST'])
@resume_session
def search_kits():
""" Display componants list """
# search by name
like = '%s%s%s' % ('%', str(session[u'k_name']), '%')
kits = Stock_kits.query.filter(Stock_kits.name.like(like))
# search by designation
like = '%s%s%s' % ('%', str(session[u'k_designation']), '%')
kits = kits.filter(Stock_kits.designation.like(like))
# Pages calculation
session[u'k_count'] = kits.count()
session[u'k_pagecount'] = int(math.ceil(session[u'k_count'] / float(session[u'k_limit'])))
session[u'k_page'] = int(math.ceil(float(float(session[u'k_offset']) + 1) / float(session[u'k_limit'])))
if session[u'k_page'] > session[u'k_pagecount']:
session[u'k_page'] = session[u'k_pagecount']
session[u'k_offset'] = 0
session[u'k_nexthop'] = session[u'k_offset'] + session[u'k_limit']
if session[u'k_nexthop'] > session[u'k_count'] - 1:
session[u'k_nexthop'] = int(session[u'k_offset'])
session[u'k_prevhop'] = int(session[u'k_offset']) - session[u'k_limit']
if session[u'k_prevhop'] < 0:
session[u'k_prevhop'] = 0
# Sorting
sort = getattr(Stock_kits, session[u'k_sort'].decode('utf8'))
if session[u'k_order'] == 'desc':
sort = getattr(Stock_kits, session[u'k_sort'].decode('utf8')).desc()
kits = kits.order_by(sort)
# Applying offset
kits = kits.offset(session[u'k_offset'])
# Applying limit
kits = kits.limit(session[u'k_limit'])
# Get result
kits = kits.all()
response = app.make_response(render_template('result_kits.html',
kits=kits,
offset=session[u'k_offset'] ,
nexthop=session[u'k_nexthop'],
prevhop=session[u'k_prevhop'],
page_count=session[u'k_pagecount'],
page=session[u'k_page'],
sort=session[u'k_sort'].decode('utf8'),
order=session[u'k_order'].decode('utf8'),
row_count=session[u'k_count']))
for key in session:
response.set_cookie(key, value=str(session[key]))
if key != 'session':
print '[c]', key, session[key]
return response
# Main #######################################
if __name__ == '__main__':
app.run(host='0.0.0.0')
Reference in New Issue View Git Blame Copy Permalink