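"""Management views for the ``manage`` blueprint: members, icons, themes and groups.

Every view is wrapped in ``login_required``.

NOTE(review): the URL variables (``<mid>``, ``<icon_id>``, ``<gid>``) were
missing from the route strings as published, so they are restored here from
each view's parameter names. Any converter the original used (for example
``int:``) cannot be recovered from the page; confirm against the repository.

NOTE(review): several views below change state on GET (delete, delete_icon,
delete_idb, delete_ifiles, the front/home toggles, reset_theme,
set_main_icon). A GET can be triggered by any page the logged-in admin
loads, so these belong behind POST plus a CSRF token. That needs matching
template changes, which are not visible here, so the methods are unchanged.

NOTE(review): member rows carry ``user_id`` (see ``new``), but no view here
scopes its queries by ``g.user``. That matches the single-admin assumption
stated in the upload code; with more than one account, any logged-in user
could edit or delete any member by id.
"""
import os
import uuid

from flask import (
    Blueprint,
    current_app,
    flash,
    g,
    redirect,
    render_template,
    request,
    session,
    url_for,
)
from werkzeug.utils import secure_filename

from myriad.auth import login_required
from myriad.db import get_db

bp = Blueprint('manage', __name__, url_prefix='/manage')

# Extensions accepted for uploaded icons. Extend deliberately: types such as
# svg or html can carry script if the upload folder is served from the app's
# own origin.
ALLOWED_ICON_EXTENSIONS = frozenset({"png", "jpg", "jpeg", "gif", "webp"})

# Form field names of the theme editor, in the column order of _THEME_UPDATE_SQL.
THEME_FIELDS = ("c9", "c10", "c11", "c12", "c13", "c14", "c15", "c16", "c21", "c22")

# Values written by reset_theme, in the same order as THEME_FIELDS.
DEFAULT_THEME = (
    "#99dfff", "#e6f7ff", "#b3e7ff", "#008bcc", "black",
    "black", "black", "#008bcc", "#008bcc", "#026897",
)

_THEME_UPDATE_SQL = (
    "UPDATE member SET card_border=(?), card_bg=(?), heading_bg=(?), heading_border=(?), "
    "heading_name=(?), heading_subtitle=(?), card_text=(?), icon_border=(?), a1=(?), a2=(?) "
    "WHERE id=(?)"
)


def _icon_folder():
    """Return the configured icon upload directory."""
    return current_app.config["ICON_UPLOAD_FOLDER"]


def _icon_extension(raw_filename):
    """Return the lower-cased extension of a client-supplied filename, or ''.

    The name is passed through ``secure_filename`` first so the extension
    cannot contain path separators, and only the text after the LAST dot is
    used (``a.b.png`` yields ``png``).
    """
    cleaned = secure_filename(raw_filename or "")
    if "." not in cleaned:
        return ""
    return cleaned.rsplit(".", 1)[1].lower()


def _set_member_flag(column_sql, value, mid):
    """Run one of the fixed flag updates for a member and commit.

    ``column_sql`` is always a literal statement from this module, never
    request data.
    """
    db = get_db()
    db.execute(column_sql, (value, mid))
    db.commit()


@bp.route('/new', methods=('GET', 'POST'))
@login_required
def new():
    """Show the new-member form; on POST insert the member for the current user."""
    if request.method == 'POST':
        name = request.form['name']
        bio = request.form['bio']
        user_id = g.user[0]
        db = get_db()
        db.execute(
            "INSERT INTO member (user_id, member_name, bio) VALUES (?, ?, ?)",
            (user_id, name, bio),
        )
        db.commit()
        return redirect(url_for('home.full_list'))
    return render_template('manage/new.html')


@bp.route("/delete/<mid>")
@login_required
def delete(mid):
    """Delete the member row with id ``mid`` and return to the full list."""
    db = get_db()
    db.execute("DELETE FROM member WHERE id=(?)", (mid,))
    db.commit()
    return redirect(url_for('home.full_list'))


@bp.route("/edit/<mid>", methods=('GET', 'POST'))
@login_required
def edit(mid):
    """Edit a member: details, icon upload, theme colours and group membership.

    One POST may carry any of the sub-forms; each is detected by a marker
    field and applied independently. The page is re-rendered afterwards.
    """
    db = get_db()
    if request.method == "POST":
        if "name" in request.form:
            db.execute(
                "UPDATE member SET member_name=(?), bio=(?), subtitle=(?), public=(?) WHERE id=(?)",
                (
                    request.form['name'],
                    request.form['bio'],
                    request.form['subtitle'],
                    request.form["privacy"],
                    mid,
                ),
            )
            db.commit()

        if "file" in request.files:
            upload = request.files["file"]
            # The stored name is always a fresh UUID; only the extension comes
            # from the client, so it is sanitised and allow-listed. An empty
            # filename means the form was submitted without choosing a file.
            if upload.filename:
                extension = _icon_extension(upload.filename)
                if extension in ALLOWED_ICON_EXTENSIONS:
                    filename = f"{uuid.uuid4()}.{extension}"
                    upload.save(os.path.join(_icon_folder(), filename))
                    db.execute(
                        "INSERT INTO icons (member_id, icon_location) VALUES (?, ?)",
                        (mid, filename),
                    )
                    db.commit()
                else:
                    flash(
                        "Icon must be one of: "
                        + ", ".join(sorted(ALLOWED_ICON_EXTENSIONS))
                    )

        if "c9" in request.form:
            # NOTE(review): colour values are stored as submitted. If the
            # templates interpolate them into CSS (not visible here), they
            # should be validated as colours before being saved.
            colours = tuple(request.form[field] for field in THEME_FIELDS)
            db.execute(_THEME_UPDATE_SQL, colours + (mid,))
            db.commit()

        if "gid_add" in request.form:
            db.execute(
                "INSERT INTO group_members (group_id,member_id) VALUES (?,?)",
                (request.form["gid_add"], mid),
            )
            db.commit()
        elif "gid_remove" in request.form:
            db.execute(
                "DELETE FROM group_members WHERE group_id=(?) AND member_id=(?)",
                (request.form["gid_remove"], mid),
            )
            db.commit()

    member = db.execute("SELECT * FROM member WHERE id=(?)", (mid,)).fetchone()
    icons = db.execute("SELECT * FROM icons WHERE member_id=(?)", (mid,)).fetchall()
    all_groups = db.execute("SELECT * FROM groups").fetchall()
    memberships = db.execute(
        "SELECT * FROM group_members WHERE member_id=(?)", (mid,)
    ).fetchall()

    # Column 1 of a membership row is compared with column 0 of a group row.
    joined_ids = {row[1] for row in memberships}
    joined_groups = [grp for grp in all_groups if grp[0] in joined_ids]
    unjoined_groups = [grp for grp in all_groups if grp[0] not in joined_ids]

    return render_template(
        "manage/edit.html",
        member=member,
        icons=icons,
        unjoined_groups=unjoined_groups,
        joined_groups=joined_groups,
    )


@bp.route("/set_main_icon/<mid>/<icon_id>")
@login_required
def set_main_icon(mid, icon_id):
    """Set ``main_icon`` of member ``mid`` to ``icon_id``.

    NOTE(review): nothing checks that the icon belongs to this member.
    """
    db = get_db()
    db.execute("UPDATE member SET main_icon=(?) WHERE id=(?)", (icon_id, mid))
    db.commit()
    return redirect(url_for("manage.edit", mid=mid))


@bp.route("/delete_icon/<mid>/<icon_id>")
@login_required
def delete_icon(mid, icon_id):
    """Delete an icon row and its file, then return to the member's edit page.

    An unknown ``icon_id`` or an already-missing file is treated as "nothing
    to delete" instead of failing the request.
    """
    db = get_db()
    icon = db.execute(
        "SELECT icon_location FROM icons WHERE id=(?)", (icon_id,)
    ).fetchone()
    if icon is not None:
        db.execute("DELETE FROM icons WHERE id=(?)", (icon_id,))
        db.commit()
        try:
            os.remove(os.path.join(_icon_folder(), icon[0]))
        except FileNotFoundError:
            # The database and the folder can drift apart; the row is gone,
            # which is the state the caller asked for.
            pass
    return redirect(url_for("manage.edit", mid=mid))


@bp.route("/add_to_front/<mid>")
@login_required
def add_to_front(mid):
    """Set ``front`` to 1 for member ``mid``."""
    _set_member_flag("UPDATE member SET front=(?) WHERE id=(?)", 1, mid)
    return redirect(url_for('home.full_list'))


@bp.route("/remove_front/<mid>")
@login_required
def remove_front(mid):
    """Set ``front`` to 0 for member ``mid``."""
    _set_member_flag("UPDATE member SET front=(?) WHERE id=(?)", 0, mid)
    return redirect(url_for('home.full_list'))


@bp.route("/add_to_home/<mid>")
@login_required
def add_to_home(mid):
    """Set ``homepage`` to 1 for member ``mid``."""
    _set_member_flag("UPDATE member SET homepage=(?) WHERE id=(?)", 1, mid)
    return redirect(url_for('home.full_list'))


@bp.route("/remove_home/<mid>")
@login_required
def remove_home(mid):
    """Set ``homepage`` to 0 for member ``mid``."""
    _set_member_flag("UPDATE member SET homepage=(?) WHERE id=(?)", 0, mid)
    return redirect(url_for('home.full_list'))


@bp.route("/reset_theme/<mid>")
@login_required
def reset_theme(mid):
    """Overwrite the member's theme columns with ``DEFAULT_THEME``."""
    db = get_db()
    db.execute(_THEME_UPDATE_SQL, DEFAULT_THEME + (mid,))
    db.commit()
    return redirect(url_for("manage.edit", mid=mid))


def _load_icon_state():
    """Return ``(db, icon_rows, stored_names)`` for the asset views.

    ``icon_rows`` is every row of ``icons``; ``stored_names`` is the listing
    of the upload folder. Column 2 of a row is compared with file names.
    """
    db = get_db()
    icon_rows = db.execute("SELECT * FROM icons").fetchall()
    stored_names = os.listdir(_icon_folder())
    return db, icon_rows, stored_names


@bp.route("/assets")
@login_required
def assets():
    """List icon rows with no file on disk and files with no icon row."""
    _, icon_rows, stored_names = _load_icon_state()
    referenced = {row[2] for row in icon_rows}
    on_disk = set(stored_names)
    orphan_files = [name for name in stored_names if name not in referenced]
    unlinked_icons = [row for row in icon_rows if row[2] not in on_disk]
    return render_template(
        "manage/assets.html", icons=unlinked_icons, icon_storage=orphan_files
    )


@bp.route("/delete_idb")
@login_required
def delete_idb():
    """Delete every icon row whose file is no longer in the upload folder."""
    db, icon_rows, stored_names = _load_icon_state()
    on_disk = set(stored_names)
    for row in icon_rows:
        if row[2] not in on_disk:
            db.execute("DELETE FROM icons WHERE id=(?)", (row[0],))
    db.commit()
    return redirect(url_for("manage.assets"))


@bp.route("/delete_ifiles")
@login_required
def delete_ifiles():
    """Delete every file in the upload folder that no icon row references."""
    _, icon_rows, stored_names = _load_icon_state()
    referenced = {row[2] for row in icon_rows}
    folder = _icon_folder()
    for name in stored_names:
        if name not in referenced:
            os.remove(os.path.join(folder, name))
    return redirect(url_for("manage.assets"))


@bp.route("/groups", methods=('GET', 'POST'))
@login_required
def groups():
    """List all groups; on POST create one first from ``name`` and ``desc``."""
    db = get_db()
    if request.method == "POST":
        db.execute(
            "INSERT INTO groups (group_name, group_description) VALUES (?, ?)",
            (request.form['name'], request.form['desc']),
        )
        db.commit()
    group_rows = db.execute("SELECT * FROM groups").fetchall()
    return render_template("manage/groups.html", groups=group_rows)


@bp.route("/group_edit/<gid>", methods=("GET", "POST"))
@login_required
def group_edit(gid):
    """On POST update the group's name, description and privacy.

    Both GET and POST end with a redirect to the group list.
    """
    db = get_db()
    if request.method == "POST":
        db.execute(
            "UPDATE groups SET group_name=(?), group_description=(?), public=(?) WHERE id=(?)",
            (request.form["name"], request.form["desc"], request.form["privacy"], gid),
        )
        db.commit()
    return redirect(url_for("manage.groups"))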