updated creation of the database for users

2025-09-12 21:24:22 +03:00
parent 6eab631604
commit 4597595db4
6 changed files with 266 additions and 96 deletions
--- a/py_app/app/settings.py
+++ b/py_app/app/settings.py
@@ -1,6 +1,8 @@
-from flask import render_template, request, session, redirect, url_for, flash
+from flask import render_template, request, session, redirect, url_for, flash, current_app
 from .models import User
 from . import db
+import mariadb
+import os

 # Settings module logic
 import sqlite3
@@ -60,17 +62,224 @@ def settings_handler():
    if 'role' not in session or session['role'] != 'superadmin':
        flash('Access denied: Superadmin only.')
        return redirect(url_for('main.dashboard'))
-    users = User.query.all()
+    
+    # Get users from external MariaDB database
+    users = []
+    try:
+        conn = get_external_db_connection()
+        cursor = conn.cursor()
+        
+        # Create users table if it doesn't exist
+        cursor.execute('''
+            CREATE TABLE IF NOT EXISTS users (
+                id INT AUTO_INCREMENT PRIMARY KEY,
+                username VARCHAR(50) UNIQUE NOT NULL,
+                password VARCHAR(255) NOT NULL,
+                role VARCHAR(50) NOT NULL
+            )
+        ''')
+        
+        # Get all users from external database
+        cursor.execute("SELECT id, username, password, role FROM users")
+        users_data = cursor.fetchall()
+        
+        # Convert to list of dictionaries for template compatibility
+        users = []
+        for user_data in users_data:
+            users.append({
+                'id': user_data[0],
+                'username': user_data[1], 
+                'password': user_data[2],
+                'role': user_data[3]
+            })
+        
+        conn.close()
+        
+    except Exception as e:
+        print(f"Error fetching users from external database: {e}")
+        flash(f'Error loading users: {e}')
+    
    # Load external database settings from the instance folder
    external_settings = {}
-    import os
-    from flask import current_app
    settings_file = os.path.join(current_app.instance_path, 'external_server.conf')
    if os.path.exists(settings_file):
        with open(settings_file, 'r') as f:
            for line in f:
                key, value = line.strip().split('=', 1)
                external_settings[key] = value
+    
    return render_template('settings.html', users=users, external_settings=external_settings)

-# Add more settings-related functions here as needed
+# Helper function to get external database connection
+def get_external_db_connection():
+    """Reads the external_server.conf file and returns a MariaDB database connection."""
+    settings_file = os.path.join(current_app.instance_path, 'external_server.conf')
+    if not os.path.exists(settings_file):
+        raise FileNotFoundError("The external_server.conf file is missing in the instance folder.")
+
+    # Read settings from the configuration file
+    settings = {}
+    with open(settings_file, 'r') as f:
+        for line in f:
+            key, value = line.strip().split('=', 1)
+            settings[key] = value
+
+    # Create a database connection
+    return mariadb.connect(
+        user=settings['username'],
+        password=settings['password'],
+        host=settings['server_domain'],
+        port=int(settings['port']),
+        database=settings['database_name']
+    )
+
+# User management handlers
+def create_user_handler():
+    if 'role' not in session or session['role'] != 'superadmin':
+        flash('Access denied: Superadmin only.')
+        return redirect(url_for('main.settings'))
+
+    username = request.form['username']
+    password = request.form['password']
+    role = request.form['role']
+
+    try:
+        # Connect to external MariaDB database
+        conn = get_external_db_connection()
+        cursor = conn.cursor()
+        
+        # Create users table if it doesn't exist
+        cursor.execute('''
+            CREATE TABLE IF NOT EXISTS users (
+                id INT AUTO_INCREMENT PRIMARY KEY,
+                username VARCHAR(50) UNIQUE NOT NULL,
+                password VARCHAR(255) NOT NULL,
+                role VARCHAR(50) NOT NULL
+            )
+        ''')
+        
+        # Check if the username already exists
+        cursor.execute("SELECT id FROM users WHERE username = %s", (username,))
+        if cursor.fetchone():
+            flash('User already exists.')
+            conn.close()
+            return redirect(url_for('main.settings'))
+
+        # Create a new user in external MariaDB
+        cursor.execute("""
+            INSERT INTO users (username, password, role)
+            VALUES (%s, %s, %s)
+        """, (username, password, role))
+        
+        conn.commit()
+        conn.close()
+        flash('User created successfully in external database.')
+        
+    except Exception as e:
+        print(f"Error creating user in external database: {e}")
+        flash(f'Error creating user: {e}')
+
+    return redirect(url_for('main.settings'))
+
+def edit_user_handler():
+    if 'role' not in session or session['role'] != 'superadmin':
+        flash('Access denied: Superadmin only.')
+        return redirect(url_for('main.settings'))
+
+    user_id = request.form.get('user_id')
+    password = request.form.get('password', '').strip()
+    role = request.form.get('role')
+
+    if not user_id or not role:
+        flash('Missing required fields.')
+        return redirect(url_for('main.settings'))
+
+    try:
+        # Connect to external MariaDB database
+        conn = get_external_db_connection()
+        cursor = conn.cursor()
+        
+        # Check if the user exists
+        cursor.execute("SELECT id FROM users WHERE id = %s", (user_id,))
+        if not cursor.fetchone():
+            flash('User not found.')
+            conn.close()
+            return redirect(url_for('main.settings'))
+
+        # Update the user's details in external MariaDB
+        if password:  # Only update password if provided
+            cursor.execute("""
+                UPDATE users SET password = %s, role = %s WHERE id = %s
+            """, (password, role, user_id))
+            flash('User updated successfully (including password).')
+        else:  # Just update role if no password provided
+            cursor.execute("""
+                UPDATE users SET role = %s WHERE id = %s
+            """, (role, user_id))
+            flash('User role updated successfully.')
+        
+        conn.commit()
+        conn.close()
+        
+    except Exception as e:
+        print(f"Error updating user in external database: {e}")
+        flash(f'Error updating user: {e}')
+
+    return redirect(url_for('main.settings'))
+
+def delete_user_handler():
+    if 'role' not in session or session['role'] != 'superadmin':
+        flash('Access denied: Superadmin only.')
+        return redirect(url_for('main.settings'))
+
+    user_id = request.form['user_id']
+
+    try:
+        # Connect to external MariaDB database
+        conn = get_external_db_connection()
+        cursor = conn.cursor()
+        
+        # Check if the user exists
+        cursor.execute("SELECT id FROM users WHERE id = %s", (user_id,))
+        if not cursor.fetchone():
+            flash('User not found.')
+            conn.close()
+            return redirect(url_for('main.settings'))
+
+        # Delete the user from external MariaDB
+        cursor.execute("DELETE FROM users WHERE id = %s", (user_id,))
+        
+        conn.commit()
+        conn.close()
+        flash('User deleted successfully from external database.')
+        
+    except Exception as e:
+        print(f"Error deleting user from external database: {e}")
+        flash(f'Error deleting user: {e}')
+
+    return redirect(url_for('main.settings'))
+
+def save_external_db_handler():
+    if 'role' not in session or session['role'] != 'superadmin':
+        flash('Access denied: Superadmin only.')
+        return redirect(url_for('main.settings'))
+
+    # Get form data
+    server_domain = request.form['server_domain']
+    port = request.form['port']
+    database_name = request.form['database_name']
+    username = request.form['username']
+    password = request.form['password']
+
+    # Save data to a file in the instance folder
+    settings_file = os.path.join(current_app.instance_path, 'external_server.conf')
+    os.makedirs(os.path.dirname(settings_file), exist_ok=True)
+    with open(settings_file, 'w') as f:
+        f.write(f"server_domain={server_domain}\n")
+        f.write(f"port={port}\n")
+        f.write(f"database_name={database_name}\n")
+        f.write(f"username={username}\n")
+        f.write(f"password={password}\n")
+
+    flash('External database settings saved/updated successfully.')
+    return redirect(url_for('main.settings'))