ske087/quality_recticel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b35ba3fbe9c1855fffabc45a18610c73000c79ad
quality_recticel/py_app/app/routes.py

131 lines
4.1 KiB
Python
Raw Blame History

from flask import Blueprint, render_template, redirect, url_for, request, flash, session
from .models import User
from . import db
bp = Blueprint('main', __name__)
@bp.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
user = User.query.filter_by(username=username, password=password).first()
if user:
session['user'] = user.username
session['role'] = user.role
return redirect(url_for('main.dashboard'))
else:
flash('Invalid credentials. Please try again.')
return render_template('login.html')
@bp.route('/dashboard')
def dashboard():
if 'user' not in session:
return redirect(url_for('main.login'))
return render_template('dashboard.html')
@bp.route('/settings')
def settings():
if 'role' not in session or session['role'] != 'superadmin':
flash('Access denied: Superadmin only.')
return redirect(url_for('main.dashboard'))
# Fetch all users from the database
users = User.query.all()
return render_template('settings.html', users=users)
@bp.route('/quality')
def quality():
if 'role' not in session or session['role'] not in ['superadmin', 'quality']:
flash('Access denied: Quality users only.')
return redirect(url_for('main.dashboard'))
return render_template('quality.html')
@bp.route('/warehouse')
def warehouse():
if 'role' not in session or session['role'] not in ['superadmin', 'warehouse']:
flash('Access denied: Warehouse users only.')
return redirect(url_for('main.dashboard'))
return render_template('warehouse.html')
@bp.route('/scan')
def scan():
if 'role' not in session or session['role'] not in ['superadmin', 'scan']:
flash('Access denied: Scan users only.')
return redirect(url_for('main.dashboard'))
return render_template('scan.html')
@bp.route('/logout')
def logout():
session.pop('user', None)
session.pop('role', None)
return redirect(url_for('main.login'))
@bp.route('/create_user', methods=['POST'])
def create_user():
if 'role' not in session or session['role'] != 'superadmin':
flash('Access denied: Superadmin only.')
return redirect(url_for('main.settings'))
username = request.form['username']
password = request.form['password']
role = request.form['role']
# Check if the username already exists
if User.query.filter_by(username=username).first():
flash('User already exists.')
return redirect(url_for('main.settings'))
# Create a new user
new_user = User(username=username, password=password, role=role)
db.session.add(new_user)
db.session.commit()
flash('User created successfully.')
return redirect(url_for('main.settings'))
@bp.route('/edit_user', methods=['POST'])
def edit_user():
if 'role' not in session or session['role'] != 'superadmin':
flash('Access denied: Superadmin only.')
return redirect(url_for('main.settings'))
user_id = request.form['user_id']
password = request.form['password']
role = request.form['role']
# Fetch the user from the database
user = User.query.get(user_id)
if not user:
flash('User not found.')
return redirect(url_for('main.settings'))
# Update the user's details
if password:
user.password = password
user.role = role
db.session.commit()
flash('User updated successfully.')
return redirect(url_for('main.settings'))
@bp.route('/delete_user', methods=['POST'])
def delete_user():
if 'role' not in session or session['role'] != 'superadmin':
flash('Access denied: Superadmin only.')
return redirect(url_for('main.settings'))
user_id = request.form['user_id']
# Fetch the user from the database
user = User.query.get(user_id)
if not user:
flash('User not found.')
return redirect(url_for('main.settings'))
# Delete the user
db.session.delete(user)
db.session.commit()
flash('User deleted successfully.')
return redirect(url_for('main.settings'))
Reference in New Issue View Git Blame Copy Permalink