Commit 6f49d4f3 authored by Vladislav Rykov's avatar Vladislav Rykov

user delete admin tested

parent d91e17e2
...@@ -20,7 +20,7 @@ def create_table(cur, appkey, devid): ...@@ -20,7 +20,7 @@ def create_table(cur, appkey, devid):
def delete_table(cur, appkey, devid): def delete_table(cur, appkey, devid):
tn = 'dev_' +str(appkey)+ '_' +str(devid) tn = 'dev_' +str(appkey)+ '_' +str(devid)
cur.execute( cur.execute(
psycopg2.sql.SQL( sql.SQL(
"DROP TABLE {}" "DROP TABLE {}"
).format(sql.Identifier(tn))) ).format(sql.Identifier(tn)))
return (True,) return (True,)
......
...@@ -19,7 +19,7 @@ def create_datatable(cur, appkey, dev_id): ...@@ -19,7 +19,7 @@ def create_datatable(cur, appkey, dev_id):
def delete_datatable(cur, appkey, dev_id): def delete_datatable(cur, appkey, dev_id):
tn = 'dev_' +str(appkey)+ '_' +str(dev_id) tn = 'dev_' +str(appkey)+ '_' +str(dev_id)
cur.execute( cur.execute(
psycopg2.sql.SQL( sql.SQL(
"DROP TABLE {}" "DROP TABLE {}"
).format(sql.Identifier(tn))) ).format(sql.Identifier(tn)))
return (True,) return (True,)
...@@ -42,7 +42,7 @@ def create_table(cur, appkey): ...@@ -42,7 +42,7 @@ def create_table(cur, appkey):
def delete_table(cur, appkey): def delete_table(cur, appkey):
tn = 'devices_' +str(appkey) tn = 'devices_' +str(appkey)
cur.execute( cur.execute(
psycopg2.sql.SQL( sql.SQL(
"DROP TABLE {}" "DROP TABLE {}"
).format(sql.Identifier(tn))) ).format(sql.Identifier(tn)))
return (True,) return (True,)
......
...@@ -47,7 +47,18 @@ def update_password(cur, name, password): ...@@ -47,7 +47,18 @@ def update_password(cur, name, password):
return (True,) return (True,)
@with_psql @with_psql
def get(cur, name, password): def get(cur, name):
query = """
SELECT * FROM
users
WHERE
name = %s
"""
cur.execute(query, (name,))
return (True, cur.fetchone())
@with_psql
def check(cur, name, password):
query = """ query = """
SELECT * FROM SELECT * FROM
users users
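Review bot: The new `get` returns `(True, cur.fetchone())`, so a name that matches no row comes back as `(True, None)` and the status flag cannot tell callers "found" from "missing". `user_delete` in this commit checks `user[0]` and then indexes `user[1][2]`, which would raise a TypeError for an unknown name. Consider `row = cur.fetchone()` followed by `return (True, row) if row is not None else (False, 'User does not exist.')`. `SELECT *` also hands every column to callers that index by position, presumably including the stored password value, so selecting only the columns a caller needs would keep that out of the view layer and make the indices stable. The body of `check` continues past the end of the hunk.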
......
...@@ -86,7 +86,7 @@ def login(): ...@@ -86,7 +86,7 @@ def login():
flash('Username or password fields cannot be empty', 'danger') flash('Username or password fields cannot be empty', 'danger')
return redirect(request.url) return redirect(request.url)
else: else:
res = ud.get(username, password) res = ud.check(username, password)
if (not res[0]): if (not res[0]):
flash('Error: {}'.format(res[1]), 'danger') flash('Error: {}'.format(res[1]), 'danger')
return redirect(request.url) return redirect(request.url)
...@@ -132,7 +132,7 @@ def app_(): ...@@ -132,7 +132,7 @@ def app_():
error = 'Application name cannot be empty.' error = 'Application name cannot be empty.'
return render_template('public/new-app.html', feedback=error) return render_template('public/new-app.html', feedback=error)
else: else:
appkey = misc.rand_str(app.config['APPKEY_LENGTH']) appkey = misc.rand_str(app.config['APPKEY_LENGTH']).decode('utf-8')
res = ad.create(request.form['appname'], appkey, session['name'], request.form['appdesc']) res = ad.create(request.form['appname'], appkey, session['name'], request.form['appdesc'])
if not res[0]: if not res[0]:
...@@ -397,8 +397,43 @@ def user(): ...@@ -397,8 +397,43 @@ def user():
@app.route('/user-delete') @app.route('/user-delete')
def user_delete(): def user_delete():
user = ud.get(request.args.get('name')) user = ud.get(request.args.get('name'))
if user[1][2] != 'admin' and session['role'] and session['role'] == 'admin': if user[0] and user[1][2] != 'admin' and session['role'] == 'admin':
app_list = ad.get_list(user[1][0])
res = (True,)
if app_list[0]:
for app in app_list[1]:
devs = dd.get_list(app[1])
print('devs: {}'.format(devs))
for dev in devs[1]:
res = data.delete_table(app[1], dev[1])
print ('data del {}'.format(res))
if not res[0]:
break
if res[0]:
res = dd.delete_table(app[1])
print ('devices del {}'.format(res))
if res[0]:
res = ad.delete(app[1])
print ('app del {}'.format(res))
if not res[0]:
break
if res[0]:
res = ud.delete(user[1][0])
print ('user del {}'.format(res))
if not res[0]:
flash('Error: {}'.format(res[1]), 'danger')
return render_template('admin/user.html', username=user[1][0])
else:
return redirect(url_for('dashboard'))
else:
flash('Warning: the user is admin or does not exist.' ,'warning')
return redirect(url_for('index'))
def pend_delete_all_ack(): def pend_delete_all_ack():
pend.delete_all_ack() pend.delete_all_ack()
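Review bot: `/user-delete` is registered without `methods=`, so Flask serves it on GET, and the handler drops tables and deletes the user named in the query string. A state-changing GET can be triggered by any link or embedded resource an admin's browser loads, so this should be a POST covered by whatever CSRF protection the project's forms use (not visible here), with the templates submitting a form instead of a link. The role test is the last operand of the `if`, after the database lookup, and `session['role']` raises KeyError when the session carries no role; testing `session.get('role')` first avoids both, and `user[1]` needs a None guard because `ud.get` returns `(True, None)` for an unknown name. Separately, the loop variable `app` shadows the Flask `app` object inside the function, and the `print` calls look like leftover debugging that would be better as logger calls or removed.

```python
@app.route('/user-delete', methods=['POST'])
def user_delete():
    # Authorize before touching the database.
    if session.get('role') != 'admin':
        flash('Warning: admin role required.', 'warning')
        return redirect(url_for('index'))
    user = ud.get(request.form.get('name'))
    if not user[0] or user[1] is None or user[1][2] == 'admin':
        flash('Warning: the user is admin or does not exist.', 'warning')
        return redirect(url_for('index'))
    # … unchanged: cascade over data tables, device tables and apps, then ud.delete …
```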