diff --git a/instance/users.db b/instance/users.db deleted file mode 100644 index f054575..0000000 Binary files a/instance/users.db and /dev/null differ diff --git a/py_app/app/__pycache__/routes.cpython-312.pyc b/py_app/app/__pycache__/routes.cpython-312.pyc index 7e521c0..4cb294b 100644 Binary files a/py_app/app/__pycache__/routes.cpython-312.pyc and b/py_app/app/__pycache__/routes.cpython-312.pyc differ diff --git a/py_app/app/__pycache__/settings.cpython-312.pyc b/py_app/app/__pycache__/settings.cpython-312.pyc index e6e5e39..fd127d3 100644 Binary files a/py_app/app/__pycache__/settings.cpython-312.pyc and b/py_app/app/__pycache__/settings.cpython-312.pyc differ diff --git a/py_app/app/routes.py b/py_app/app/routes.py index 00198e6..5f86e77 100644 --- a/py_app/app/routes.py +++ b/py_app/app/routes.py @@ -9,7 +9,14 @@ from reportlab.pdfgen import canvas from flask import Blueprint, render_template, request, redirect, url_for, flash import csv from .warehouse import add_location -from .settings import settings_handler, edit_access_roles_handler +from .settings import ( + settings_handler, + edit_access_roles_handler, + create_user_handler, + edit_user_handler, + delete_user_handler, + save_external_db_handler +) bp = Blueprint('main', __name__) warehouse_bp = Blueprint('warehouse', __name__) @@ -53,8 +60,18 @@ def get_db_connection(): def login(): import sqlite3 if request.method == 'POST': - username = request.form['username'] - password = request.form['password'] + # Debug: print all form data received + print("All form data received:", dict(request.form)) + + # Safely get username and password with fallback + username = request.form.get('username', '').strip() + password = request.form.get('password', '').strip() + + if not username or not password: + print("Missing username or password") + flash('Please enter both username and password.') + return render_template('login.html') + user = None print("Raw form input:", repr(username), repr(password)) 
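Review bot: The added `print("All form data received:", dict(request.form))` in `login()` writes the submitted password to stdout on every login attempt, and the context line below it, `print("Raw form input:", repr(username), repr(password))`, does the same. Both should be removed or reduced to the username only, e.g. `print("Login attempt for:", repr(username))`. `request.form.get('password', '').strip()` also trims leading and trailing whitespace silently, so the value checked is not the one the user typed; strip the username only and keep the password as `request.form.get('password', '')`. The body of `login()` continues outside the hunk.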
@@ -233,98 +250,19 @@ def logout(): @bp.route('/create_user', methods=['POST']) def create_user(): - if 'role' not in session or session['role'] != 'superadmin': - flash('Access denied: Superadmin only.') - return redirect(url_for('main.settings')) - - username = request.form['username'] - password = request.form['password'] - role = request.form['role'] - - # Check if the username already exists - if User.query.filter_by(username=username).first(): - flash('User already exists.') - return redirect(url_for('main.settings')) - - # Create a new user - new_user = User(username=username, password=password, role=role) - db.session.add(new_user) - db.session.commit() - - flash('User created successfully.') - return redirect(url_for('main.settings')) + return create_user_handler() @bp.route('/edit_user', methods=['POST']) def edit_user(): - if 'role' not in session or session['role'] != 'superadmin': - flash('Access denied: Superadmin only.') - return redirect(url_for('main.settings')) - - user_id = request.form['user_id'] - password = request.form['password'] - role = request.form['role'] - - # Fetch the user from the database - user = User.query.get(user_id) - if not user: - flash('User not found.') - return redirect(url_for('main.settings')) - - # Update the user's details - if password: - user.password = password - user.role = role - db.session.commit() - - flash('User updated successfully.') - return redirect(url_for('main.settings')) + return edit_user_handler() @bp.route('/delete_user', methods=['POST']) def delete_user(): - if 'role' not in session or session['role'] != 'superadmin': - flash('Access denied: Superadmin only.') - return redirect(url_for('main.settings')) - - user_id = request.form['user_id'] - - # Fetch the user from the database - user = User.query.get(user_id) - if not user: - flash('User not found.') - return redirect(url_for('main.settings')) - - # Delete the user - db.session.delete(user) - db.session.commit() - - flash('User deleted 
successfully.') - return redirect(url_for('main.settings')) + return delete_user_handler() @bp.route('/save_external_db', methods=['POST']) def save_external_db(): - if 'role' not in session or session['role'] != 'superadmin': - flash('Access denied: Superadmin only.') - return redirect(url_for('main.settings')) - - # Get form data - server_domain = request.form['server_domain'] - port = request.form['port'] - database_name = request.form['database_name'] - username = request.form['username'] - password = request.form['password'] - - # Save data to a file in the instance folder - settings_file = os.path.join(current_app.instance_path, 'external_server.conf') - os.makedirs(os.path.dirname(settings_file), exist_ok=True) - with open(settings_file, 'w') as f: - f.write(f"server_domain={server_domain}\n") - f.write(f"port={port}\n") - f.write(f"database_name={database_name}\n") - f.write(f"username={username}\n") - f.write(f"password={password}\n") - - flash('External database settings saved/updated successfully.') - return redirect(url_for('main.settings')) + return save_external_db_handler() @bp.route('/get_report_data', methods=['GET']) def get_report_data(): diff --git a/py_app/app/settings.py b/py_app/app/settings.py index 0ea4544..7b59a67 100644 --- a/py_app/app/settings.py +++ b/py_app/app/settings.py @@ -1,6 +1,8 @@ -from flask import render_template, request, session, redirect, url_for, flash +from flask import render_template, request, session, redirect, url_for, flash, current_app from .models import User from . import db +import mariadb +import os # Settings module logic import sqlite3 
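Review bot: After this change the four POST routes `create_user`, `edit_user`, `delete_user` and `save_external_db` show no access check in `routes.py`, because the superadmin test now lives only inside the handlers in `settings.py`. A reader auditing the routes cannot see that these state-changing endpoints are protected, and a new route that forgets to call a handler would be open by default. I would add a comment above each wrapper such as `# Access control (superadmin only) is enforced in create_user_handler`, or keep the role check at the route level so it stays visible where the URL is declared.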
@@ -60,17 +62,224 @@ def settings_handler(): if 'role' not in session or session['role'] != 'superadmin': flash('Access denied: Superadmin only.') return redirect(url_for('main.dashboard')) - users = User.query.all() + + # Get users from external MariaDB database + users = [] + try: + conn = get_external_db_connection() + cursor = conn.cursor() + + # Create users table if it doesn't exist + cursor.execute(''' + CREATE TABLE IF NOT EXISTS users ( + id INT AUTO_INCREMENT PRIMARY KEY, + username VARCHAR(50) UNIQUE NOT NULL, + password VARCHAR(255) NOT NULL, + role VARCHAR(50) NOT NULL + ) + ''') + + # Get all users from external database + cursor.execute("SELECT id, username, password, role FROM users") + users_data = cursor.fetchall() + + # Convert to list of dictionaries for template compatibility + users = [] + for user_data in users_data: + users.append({ + 'id': user_data[0], + 'username': user_data[1], + 'password': user_data[2], + 'role': user_data[3] + }) + + conn.close() + + except Exception as e: + print(f"Error fetching users from external database: {e}") + flash(f'Error loading users: {e}') + # Load external database settings from the instance folder external_settings = {} - import os - from flask import current_app settings_file = os.path.join(current_app.instance_path, 'external_server.conf') if os.path.exists(settings_file): with open(settings_file, 'r') as f: for line in f: key, value = line.strip().split('=', 1) external_settings[key] = value + return render_template('settings.html', users=users, external_settings=external_settings) -# Add more settings-related functions here as needed +# Helper function to get external database connection +def get_external_db_connection(): + """Reads the external_server.conf file and returns a MariaDB database connection.""" + settings_file = os.path.join(current_app.instance_path, 'external_server.conf') + if not os.path.exists(settings_file): + raise FileNotFoundError("The external_server.conf file is missing in 
the instance folder.") + + # Read settings from the configuration file + settings = {} + with open(settings_file, 'r') as f: + for line in f: + key, value = line.strip().split('=', 1) + settings[key] = value + + # Create a database connection + return mariadb.connect( + user=settings['username'], + password=settings['password'], + host=settings['server_domain'], + port=int(settings['port']), + database=settings['database_name'] + ) + +# User management handlers +def create_user_handler(): + if 'role' not in session or session['role'] != 'superadmin': + flash('Access denied: Superadmin only.') + return redirect(url_for('main.settings')) + + username = request.form['username'] + password = request.form['password'] + role = request.form['role'] + + try: + # Connect to external MariaDB database + conn = get_external_db_connection() + cursor = conn.cursor() + + # Create users table if it doesn't exist + cursor.execute(''' + CREATE TABLE IF NOT EXISTS users ( + id INT AUTO_INCREMENT PRIMARY KEY, + username VARCHAR(50) UNIQUE NOT NULL, + password VARCHAR(255) NOT NULL, + role VARCHAR(50) NOT NULL + ) + ''') + + # Check if the username already exists + cursor.execute("SELECT id FROM users WHERE username = %s", (username,)) + if cursor.fetchone(): + flash('User already exists.') + conn.close() + return redirect(url_for('main.settings')) + + # Create a new user in external MariaDB + cursor.execute(""" + INSERT INTO users (username, password, role) + VALUES (%s, %s, %s) + """, (username, password, role)) + + conn.commit() + conn.close() + flash('User created successfully in external database.') + + except Exception as e: + print(f"Error creating user in external database: {e}") + flash(f'Error creating user: {e}') + + return redirect(url_for('main.settings')) + +def edit_user_handler(): + if 'role' not in session or session['role'] != 'superadmin': + flash('Access denied: Superadmin only.') + return redirect(url_for('main.settings')) + + user_id = request.form.get('user_id') 
+ password = request.form.get('password', '').strip() + role = request.form.get('role') + + if not user_id or not role: + flash('Missing required fields.') + return redirect(url_for('main.settings')) + + try: + # Connect to external MariaDB database + conn = get_external_db_connection() + cursor = conn.cursor() + + # Check if the user exists + cursor.execute("SELECT id FROM users WHERE id = %s", (user_id,)) + if not cursor.fetchone(): + flash('User not found.') + conn.close() + return redirect(url_for('main.settings')) + + # Update the user's details in external MariaDB + if password: # Only update password if provided + cursor.execute(""" + UPDATE users SET password = %s, role = %s WHERE id = %s + """, (password, role, user_id)) + flash('User updated successfully (including password).') + else: # Just update role if no password provided + cursor.execute(""" + UPDATE users SET role = %s WHERE id = %s + """, (role, user_id)) + flash('User role updated successfully.') + + conn.commit() + conn.close() + + except Exception as e: + print(f"Error updating user in external database: {e}") + flash(f'Error updating user: {e}') + + return redirect(url_for('main.settings')) + +def delete_user_handler(): + if 'role' not in session or session['role'] != 'superadmin': + flash('Access denied: Superadmin only.') + return redirect(url_for('main.settings')) + + user_id = request.form['user_id'] + + try: + # Connect to external MariaDB database + conn = get_external_db_connection() + cursor = conn.cursor() + + # Check if the user exists + cursor.execute("SELECT id FROM users WHERE id = %s", (user_id,)) + if not cursor.fetchone(): + flash('User not found.') + conn.close() + return redirect(url_for('main.settings')) + + # Delete the user from external MariaDB + cursor.execute("DELETE FROM users WHERE id = %s", (user_id,)) + + conn.commit() + conn.close() + flash('User deleted successfully from external database.') + + except Exception as e: + print(f"Error deleting user from external 
database: {e}") + flash(f'Error deleting user: {e}') + + return redirect(url_for('main.settings')) + +def save_external_db_handler(): + if 'role' not in session or session['role'] != 'superadmin': + flash('Access denied: Superadmin only.') + return redirect(url_for('main.settings')) + + # Get form data + server_domain = request.form['server_domain'] + port = request.form['port'] + database_name = request.form['database_name'] + username = request.form['username'] + password = request.form['password'] + + # Save data to a file in the instance folder + settings_file = os.path.join(current_app.instance_path, 'external_server.conf') + os.makedirs(os.path.dirname(settings_file), exist_ok=True) + with open(settings_file, 'w') as f: + f.write(f"server_domain={server_domain}\n") + f.write(f"port={port}\n") + f.write(f"database_name={database_name}\n") + f.write(f"username={username}\n") + f.write(f"password={password}\n") + + flash('External database settings saved/updated successfully.') + return redirect(url_for('main.settings')) diff --git a/py_app/app/templates/settings.html b/py_app/app/templates/settings.html index 006726f..5f6d7a1 100644 --- a/py_app/app/templates/settings.html +++ b/py_app/app/templates/settings.html @@ -12,7 +12,7 @@ {{ user.username }} Role: {{ user.role }} - + {% endfor %} @@ -48,10 +48,11 @@
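Review bot: The new handlers keep passwords in cleartext: `create_user_handler` and `edit_user_handler` pass the form `password` straight into the `INSERT`/`UPDATE`, and `settings_handler` selects the `password` column and puts it in every user dict sent to `settings.html`. Store `generate_password_hash(password)` (from `werkzeug.security`) instead, drop `password` from the `SELECT` and the dict, and verify with `check_password_hash` in the login path, which is outside this hunk and would need the matching change. In each handler `conn.close()` runs only on the success and early-return paths, so an exception after `get_external_db_connection()` leaves the connection open, and `flash(f'Error ...: {e}')` sends driver error text to the browser; the fence below shows `create_user_handler` with a `finally` close and a generic message, and the other handlers would follow the same shape. `save_external_db_handler` writes the form values into `external_server.conf` unchecked, so a value containing a line break adds extra `key=value` lines that `get_external_db_connection` later reads; reject CR/LF in all five fields and require `port` to be an integer before writing.

```python
def create_user_handler():
    # … unchanged: superadmin check, reading username/password/role from the form …
    conn = None
    try:
        conn = get_external_db_connection()
        cursor = conn.cursor()
        # … unchanged: CREATE TABLE IF NOT EXISTS users …
        cursor.execute("SELECT id FROM users WHERE username = %s", (username,))
        if cursor.fetchone():
            flash('User already exists.')
            return redirect(url_for('main.settings'))  # the finally block closes conn

        # Store a salted hash, never the submitted password itself.
        cursor.execute(
            "INSERT INTO users (username, password, role) VALUES (%s, %s, %s)",
            (username, generate_password_hash(password), role),
        )
        conn.commit()
        flash('User created successfully in external database.')
    except Exception as e:
        # Keep driver detail in the server log; show a generic message to the browser.
        print(f"Error creating user in external database: {e}")
        flash('Error creating user.')
    finally:
        if conn is not None:
            conn.close()

    return redirect(url_for('main.settings'))
```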