1
Fork 0
mirror of https://github.com/Steffo99/estus.git synced 2024-11-22 07:34:19 +00:00
estus/server.py

556 lines
19 KiB
Python
Raw Normal View History

2017-09-12 07:39:18 +00:00
import os
2017-02-02 08:33:54 +00:00
from flask import Flask, session, url_for, redirect, request, render_template, abort
2017-02-01 07:21:18 +00:00
from flask_sqlalchemy import SQLAlchemy
from sqlalchemy.exc import OperationalError
2017-09-11 10:57:41 +00:00
import bcrypt
2017-02-01 07:21:18 +00:00
app = Flask(__name__)
app.secret_key = "pepsecret"
2017-02-01 07:21:18 +00:00
# SQL
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///data.db'
2017-09-12 07:39:18 +00:00
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
2017-02-01 07:21:18 +00:00
db = SQLAlchemy(app)
2017-09-11 09:43:50 +00:00
2017-02-01 07:21:18 +00:00
# Utente login inventario
class User(db.Model):
2017-09-12 07:39:18 +00:00
__tablename__ = "website_users"
2017-02-01 07:21:18 +00:00
uid = db.Column(db.Integer, primary_key=True)
2017-09-12 07:40:47 +00:00
username = db.Column(db.String, unique=True)
2017-09-11 10:57:41 +00:00
passwd = db.Column(db.LargeBinary)
2017-02-01 07:21:18 +00:00
def __init__(self, username, passwd):
self.username = username
self.passwd = passwd
def __repr__(self):
return "<User {}>".format(self.username, self.passwd)
2017-09-11 09:43:50 +00:00
2017-02-01 07:21:18 +00:00
# Ente (Unione Terre di Castelli, Comune di Vignola...)
class Ente(db.Model):
2017-09-12 07:39:18 +00:00
__tablename__ = "enti"
2017-02-01 07:21:18 +00:00
eid = db.Column(db.Integer, primary_key=True)
2017-09-12 07:40:47 +00:00
nomeente = db.Column(db.String)
nomebreveente = db.Column(db.String)
2017-02-01 07:21:18 +00:00
servizi = db.relationship("Servizio", backref='ente', lazy='dynamic')
def __init__(self, nomeente, nomebreveente):
self.nomeente = nomeente
self.nomebreveente = nomebreveente
2017-02-01 07:21:18 +00:00
def __repr__(self):
return "<Ente {}>".format(self.nomebreveente)
2017-02-01 07:21:18 +00:00
# Servizio di un ente
class Servizio(db.Model):
2017-09-12 07:39:18 +00:00
__tablename__ = "servizi"
2017-02-01 07:21:18 +00:00
sid = db.Column(db.Integer, primary_key=True)
2017-09-12 07:39:18 +00:00
eid = db.Column(db.Integer, db.ForeignKey('enti.eid'))
2017-09-12 07:40:47 +00:00
nomeservizio = db.Column(db.String)
locazione = db.Column(db.String)
2017-02-01 07:21:18 +00:00
impiegati = db.relationship("Impiegato", backref='servizio', lazy='dynamic')
2017-09-11 13:56:42 +00:00
def __init__(self, eid, nomeservizio, locazione):
2017-02-01 07:21:18 +00:00
self.eid = eid
self.nomeservizio = nomeservizio
2017-09-11 13:56:42 +00:00
self.locazione = locazione
2017-02-01 07:21:18 +00:00
def __repr__(self):
return "<Servizio {}>".format(self.nomeservizio)
2017-02-01 07:21:18 +00:00
class Impiegato(db.Model):
2017-09-12 07:39:18 +00:00
__tablename__ = "impiegati"
2017-02-01 07:21:18 +00:00
iid = db.Column(db.Integer, primary_key=True)
2017-09-12 07:39:18 +00:00
sid = db.Column(db.Integer, db.ForeignKey('servizi.sid'))
2017-09-12 07:40:47 +00:00
nomeimpiegato = db.Column(db.String)
username = db.Column(db.String, unique=True)
passwd = db.Column(db.String)
2017-02-02 08:33:54 +00:00
dispositivi = db.relationship("Accesso", backref='impiegato', lazy='dynamic')
2017-02-01 07:21:18 +00:00
def __init__(self, sid, nomeimpiegato, username, passwd):
2017-02-01 07:21:18 +00:00
self.sid = sid
self.nomeimpiegato = nomeimpiegato
2017-02-01 07:21:18 +00:00
self.username = username
self.passwd = passwd
def __repr__(self):
2017-02-02 08:33:54 +00:00
return "<Impiegato {}>".format(self.nome)
class Dispositivo(db.Model):
2017-09-12 07:39:18 +00:00
__tablename__ = "dispositivi"
2017-02-02 08:33:54 +00:00
did = db.Column(db.Integer, primary_key=True)
2017-09-12 07:39:18 +00:00
accessi = db.relationship("Accesso", backref='dispositivo', lazy='dynamic')
2017-09-12 07:40:47 +00:00
tipo = db.Column(db.String)
marca = db.Column(db.String)
modello = db.Column(db.String)
inv_ced = db.Column(db.String)
inv_ente = db.Column(db.String)
fornitore = db.Column(db.String)
seriale = db.Column(db.String)
2017-09-12 07:39:18 +00:00
nid = db.Column(db.Integer, db.ForeignKey('reti.nid'))
rete = db.relationship("Rete", backref='dispositivi')
2017-02-02 08:33:54 +00:00
2017-09-11 15:05:45 +00:00
def __init__(self, tipo, marca, modello, inv_ced, inv_ente, fornitore, nid, seriale):
2017-02-02 08:33:54 +00:00
self.tipo = tipo
self.marca = marca
self.modello = modello
self.inv_ced = inv_ced
self.inv_ente = inv_ente
self.fornitore = fornitore
self.nid = nid
2017-09-11 15:05:45 +00:00
self.seriale = seriale
2017-02-02 08:33:54 +00:00
def __repr__(self):
return "<Dispositivo {}>".format(self.inv_ced)
class Accesso(db.Model):
2017-09-12 07:39:18 +00:00
__tablename__ = "assoc_accessi"
iid = db.Column(db.Integer, db.ForeignKey('impiegati.iid'), primary_key=True)
did = db.Column(db.Integer, db.ForeignKey('dispositivi.did'), primary_key=True)
2017-02-02 08:33:54 +00:00
def __init__(self, iid, did):
self.iid = iid
self.did = did
def __repr__(self):
2017-02-03 12:04:11 +00:00
return "<Accesso {} su {}>".format(self.iid, self.did)
2017-02-02 08:33:54 +00:00
2017-02-01 07:21:18 +00:00
2017-09-12 07:39:18 +00:00
class Rete(db.Model):
__tablename__ = "reti"
nid = db.Column(db.Integer, primary_key=True)
2017-09-12 07:40:47 +00:00
nome = db.Column(db.String)
network_ip = db.Column(db.String, unique=True, nullable=False)
2017-09-12 07:39:18 +00:00
subnet = db.Column(db.Integer, nullable=False)
2017-09-12 07:40:47 +00:00
primary_dns = db.Column(db.String)
secondary_dns = db.Column(db.String)
2017-09-12 07:39:18 +00:00
def __init__(self, nome, network_ip, subnet, primary_dns, secondary_dns):
2017-09-12 06:26:58 +00:00
self.nome = nome
2017-09-12 07:39:18 +00:00
self.network_ip = network_ip
self.subnet = subnet
self.primary_dns = primary_dns
self.secondary_dns = secondary_dns
def __repr__(self):
return "<Rete {},{}>".format(self.nid, self.nome)
2017-09-11 13:00:04 +00:00
class FakeAccesso:
def __init__(self, dispositivo):
self.did = dispositivo.did
self.iid = None
self.dispositivo = dispositivo
def __getitem__(self, key):
if key == 0:
return self.dispositivo
2017-09-12 06:26:58 +00:00
2017-02-01 07:21:18 +00:00
# Funzioni del sito
def login(username, password):
user = User.query.filter_by(username=username).first()
2017-02-02 08:33:54 +00:00
try:
2017-09-11 10:57:41 +00:00
return bcrypt.checkpw(bytes(password, encoding="utf-8"), user.passwd)
2017-02-02 08:33:54 +00:00
except AttributeError:
# Se non esiste l'Utente
return False
2017-02-01 07:21:18 +00:00
2017-09-11 09:43:50 +00:00
2017-09-12 07:39:18 +00:00
def subnet_to_string(integer):
"""Converte una subnet mask in numero in una stringa"""
still_int = (0xFFFFFFFF << (32 - integer)) & 0xFFFFFFFF
return f"{still_int >> 24}.{(still_int >> 16) & 0xFF}.{(still_int >> 8)}.{still_int & 0xFF}"
2017-02-01 07:21:18 +00:00
# Sito
@app.route('/')
def page_home():
if 'username' not in session:
return redirect(url_for('page_login'))
else:
session.pop('username')
return "Logout eseguito con successo."
2017-09-11 09:43:50 +00:00
2017-02-01 07:21:18 +00:00
@app.route('/login', methods=['GET', 'POST'])
def page_login():
if request.method == 'GET':
goldfish = url_for("static", filename="goldfish.png")
return render_template("login.htm", goldfish=goldfish)
2017-02-01 07:21:18 +00:00
else:
if login(request.form['username'], request.form['password']):
session['username'] = request.form['username']
return redirect(url_for('page_dashboard'))
else:
2017-02-02 08:33:54 +00:00
abort(403)
2017-02-01 07:21:18 +00:00
2017-09-11 09:43:50 +00:00
2017-02-01 07:21:18 +00:00
@app.route('/dashboard')
def page_dashboard():
2017-02-02 07:46:15 +00:00
enti = Ente.query.all()
conteggioservizi = dict()
2017-09-12 06:26:58 +00:00
goldfish = url_for("static", filename="goldfish.png")
2017-02-02 07:46:15 +00:00
for ente in enti:
conteggioservizi[ente.nomeente] = Servizio.query.join(Ente).filter_by(eid=ente.eid).count()
conteggioutenti = dict()
for ente in enti:
conteggioutenti[ente.nomeente] = Impiegato.query.join(Servizio).join(Ente).filter_by(eid=ente.eid).count()
return render_template("dashboard.htm", type="main", user=session["username"],
conteggioutenti=conteggioutenti, conteggioservizi=conteggioservizi, goldfish=goldfish)
2017-09-11 09:43:50 +00:00
2017-02-01 07:21:18 +00:00
@app.route('/ente_add', methods=['GET', 'POST'])
def page_ente_add():
if 'username' not in session:
return redirect(url_for('page_login'))
if request.method == 'GET':
return render_template("ente/add.htm", type="ente", user=session["username"])
2017-02-01 07:21:18 +00:00
else:
nuovoent = Ente(request.form['nomeente'], request.form['nomebreveente'])
2017-02-01 07:21:18 +00:00
db.session.add(nuovoent)
db.session.commit()
return redirect(url_for('page_ente_list'))
2017-09-11 09:43:50 +00:00
2017-02-01 07:21:18 +00:00
@app.route('/ente_del/<int:eid>')
def page_ente_del(eid):
if 'username' not in session:
return redirect(url_for('page_login'))
ente = Ente.query.get(eid)
servizi = Servizio.query.filter_by(eid=ente.eid).all()
for serv in servizi:
impiegati = Impiegato.query.filter_by(sid=serv.sid).all()
for imp in impiegati:
db.session.delete(imp)
db.session.delete(serv)
2017-02-01 07:21:18 +00:00
db.session.delete(ente)
db.session.commit()
return redirect(url_for('page_ente_list'))
2017-09-11 09:43:50 +00:00
2017-02-01 07:21:18 +00:00
@app.route('/ente_list')
def page_ente_list():
if 'username' not in session:
return redirect(url_for('page_login'))
enti = Ente.query.all()
return render_template("ente/list.htm", enti=enti, type="ente", user=session["username"])
2017-02-01 07:21:18 +00:00
2017-09-11 09:43:50 +00:00
2017-02-01 07:21:18 +00:00
@app.route('/ente_show/<int:eid>', methods=['GET', 'POST'])
def page_ente_show(eid):
if 'username' not in session:
return redirect(url_for('page_login'))
if request.method == "GET":
ente = Ente.query.get(eid)
return render_template("ente/show.htm", ente=ente, user=session["username"])
2017-02-01 07:21:18 +00:00
else:
ente = Ente.query.get(eid)
ente.nomeente = request.form["nomeente"]
ente.nomebreveente = request.form["nomebreveente"]
2017-02-01 07:21:18 +00:00
db.session.commit()
return redirect(url_for('page_ente_list'))
2017-09-11 09:43:50 +00:00
@app.route('/serv_add', methods=['GET', 'POST'])
def page_serv_add():
if 'username' not in session:
return redirect(url_for('page_login'))
if request.method == 'GET':
enti = Ente.query.all()
return render_template("servizio/add.htm", enti=enti, type="serv", user=session["username"])
else:
2017-09-11 13:56:42 +00:00
nuovoserv = Servizio(request.form['eid'], request.form['nomeservizio'], request.form['locazione'])
db.session.add(nuovoserv)
db.session.commit()
return redirect(url_for('page_serv_list'))
2017-09-11 09:43:50 +00:00
@app.route('/serv_del/<int:sid>')
def page_serv_del(sid):
if 'username' not in session:
return redirect(url_for('page_login'))
serv = Servizio.query.get(sid)
impiegati = Impiegato.query.filter_by(sid=serv.sid).all()
for imp in impiegati:
db.session.delete(imp)
db.session.delete(serv)
db.session.commit()
return redirect(url_for('page_serv_list'))
2017-09-11 09:43:50 +00:00
@app.route('/serv_list')
def page_serv_list():
if 'username' not in session:
return redirect(url_for('page_login'))
serv = Servizio.query.join(Ente).all()
return render_template("servizio/list.htm", serv=serv, type="serv", user=session["username"])
2017-09-11 13:00:04 +00:00
@app.route('/serv_list/<int:eid>')
def page_serv_list_plus(eid):
if 'username' not in session:
return redirect(url_for('page_login'))
serv = Servizio.query.join(Ente).filter_by(eid=eid).all()
return render_template("servizio/list.htm", serv=serv, type="serv", user=session["username"])
2017-09-11 13:00:04 +00:00
@app.route('/serv_show/<int:sid>', methods=['GET', 'POST'])
def page_serv_show(sid):
if 'username' not in session:
return redirect(url_for('page_login'))
if request.method == "GET":
serv = Servizio.query.get(sid)
enti = Ente.query.all()
return render_template("servizio/show.htm", serv=serv, enti=enti, user=session["username"])
else:
serv = Servizio.query.get(sid)
serv.eid = request.form["eid"]
serv.nomeservizio = request.form["nomeservizio"]
2017-09-11 13:56:42 +00:00
serv.locazione = request.form["locazione"]
db.session.commit()
return redirect(url_for('page_serv_list'))
2017-09-11 09:43:50 +00:00
@app.route('/imp_add', methods=['GET', 'POST'])
def page_imp_add():
if 'username' not in session:
return redirect(url_for('page_login'))
if request.method == 'GET':
2017-02-02 08:33:54 +00:00
servizi = Servizio.query.join(Ente).all()
return render_template("impiegato/add.htm", servizi=servizi, type="imp", user=session["username"])
else:
2017-09-11 09:43:50 +00:00
nuovoimp = Impiegato(request.form['sid'], request.form['nomeimpiegato'], request.form['username'],
request.form['passwd'],)
db.session.add(nuovoimp)
db.session.commit()
return redirect(url_for('page_imp_list'))
2017-09-11 09:43:50 +00:00
@app.route('/imp_del/<int:iid>')
def page_imp_del(iid):
if 'username' not in session:
return redirect(url_for('page_login'))
imp = Impiegato.query.get(iid)
db.session.delete(imp)
db.session.commit()
return redirect(url_for('page_imp_list'))
2017-09-11 09:43:50 +00:00
@app.route('/imp_list')
def page_imp_list():
if 'username' not in session:
return redirect(url_for('page_login'))
impiegati = Impiegato.query.join(Servizio).join(Ente).all()
return render_template("impiegato/list.htm", impiegati=impiegati, type="imp", user=session["username"])
2017-09-11 09:43:50 +00:00
@app.route('/imp_list/<int:sid>')
def page_imp_list_plus(sid):
if 'username' not in session:
return redirect(url_for('page_login'))
impiegati = Impiegato.query.join(Servizio).filter_by(sid=sid).join(Ente).all()
return render_template("impiegato/list.htm", impiegati=impiegati, user=session["username"])
2017-09-11 09:43:50 +00:00
@app.route('/imp_show/<int:iid>', methods=['GET', 'POST'])
def page_imp_show(iid):
if 'username' not in session:
return redirect(url_for('page_login'))
if request.method == "GET":
imp = Impiegato.query.get(iid)
servizi = Servizio.query.all()
return render_template("impiegato/show.htm", imp=imp, servizi=servizi, user=session["username"])
else:
imp = Impiegato.query.get(iid)
imp.sid = request.form["sid"]
imp.nomeimpiegato = request.form["nomeimpiegato"]
imp.username = request.form["username"]
imp.passwd = request.form["passwd"]
db.session.commit()
return redirect(url_for('page_imp_list'))
2017-09-11 09:43:50 +00:00
@app.route('/disp_add', methods=['GET', 'POST'])
def page_disp_add():
if 'username' not in session:
return redirect(url_for('page_login'))
if request.method == 'GET':
2017-09-11 14:45:49 +00:00
serial = request.args.get("scanned_barcode")
2017-09-11 09:43:50 +00:00
opzioni = ["Centralino", "Dispositivo generico di rete", "Marcatempo", "PC", "Portatile", "POS", "Router",
"Server", "Stampante di rete", "Switch", "Telefono IP", "Monitor", "Scanner", "Stampante locale"]
2017-09-12 07:39:18 +00:00
reti = Rete.query.all()
impiegati = Impiegato.query.all()
return render_template("dispositivo/add.htm", impiegati=impiegati, opzioni=opzioni, reti=reti,
2017-09-12 06:26:58 +00:00
type="dev", user=session["username"], serial=serial)
else:
2017-09-11 09:43:50 +00:00
nuovodisp = Dispositivo(request.form['tipo'], request.form['marca'], request.form['modello'],
2017-09-12 06:26:58 +00:00
request.form['inv_ced'], request.form['inv_ente'], request.form['fornitore'],
request.form['rete'], request.form['seriale'])
db.session.add(nuovodisp)
db.session.commit()
2017-02-03 12:04:11 +00:00
# Trova tutti gli utenti, edizione sporco hack in html
users = list()
while True:
# Trova tutti gli utenti esistenti
userstring = 'utente{}'.format(len(users))
if userstring in request.form:
users.append(request.form[userstring])
else:
break
for user in users:
nuovologin = Accesso(int(user), nuovodisp.did)
db.session.add(nuovologin)
db.session.commit()
2017-09-11 09:43:50 +00:00
# TODO: se un dispositivo non ha utenti si incasina parecchio
return redirect(url_for('page_disp_list'))
2017-09-11 09:43:50 +00:00
@app.route('/disp_del/<int:did>')
def page_disp_del(did):
if 'username' not in session:
return redirect(url_for('page_login'))
disp = Dispositivo.query.get(did)
db.session.delete(disp)
db.session.commit()
return redirect(url_for('page_disp_list'))
2017-09-11 09:43:50 +00:00
@app.route('/disp_list')
def page_disp_list():
if 'username' not in session:
return redirect(url_for('page_login'))
2017-02-03 12:04:11 +00:00
accessi = list()
dispositivi = Dispositivo.query.all()
2017-02-03 12:04:11 +00:00
for dispositivo in dispositivi:
accesso = Accesso.query.join(Dispositivo).filter_by(did=dispositivo.did).join(Impiegato).all()
2017-09-11 13:00:04 +00:00
if not accesso:
2017-09-11 13:22:44 +00:00
# oh dio mio a cosa stavo pensando viva il duck typing
2017-09-11 13:00:04 +00:00
accessi.append([FakeAccesso(dispositivo)])
else:
accessi.append(accesso)
return render_template("dispositivo/list.htm", accessi=accessi, type="disp", user=session["username"])
2017-09-11 09:43:50 +00:00
2017-09-11 13:00:04 +00:00
@app.route('/disp_details/<int:did>')
def page_details_host(did):
if 'username' not in session:
return redirect(url_for('page_login'))
2017-09-11 13:42:28 +00:00
disp = Dispositivo.query.filter_by(did=did).first_or_404()
2017-09-11 13:22:44 +00:00
accessi = Accesso.query.filter_by(did=did).all()
return render_template("dispositivo/details.htm", disp=disp, accessi=accessi, type="disp",
2017-09-12 06:26:58 +00:00
user=session["username"])
2017-09-11 13:42:28 +00:00
@app.route('/imp_details/<int:iid>')
def page_details_imp(iid):
if 'username' not in session:
return redirect(url_for('page_login'))
impiegato = Impiegato.query.filter_by(iid=iid).first()
return render_template("impiegato/details.htm", imp=impiegato, type="imp", user=session["username"])
2017-09-11 13:42:28 +00:00
@app.route('/net_add', methods=['GET', 'POST'])
def page_net_add():
if 'username' not in session:
return redirect(url_for('page_login'))
if request.method == 'GET':
return render_template("net/add.htm", type="net", user=session["username"])
else:
2017-09-12 07:39:18 +00:00
nuovonet = Rete(nome=request.form["nome"], network_ip=request.form["network_ip"], subnet=request.form["subnet"],
primary_dns=request.form["primary_dns"], secondary_dns=request.form["secondary_dns"])
db.session.add(nuovonet)
db.session.commit()
return redirect(url_for('page_net_list'))
@app.route('/net_del/<int:nid>')
2017-09-12 07:39:18 +00:00
def page_net_del(nid):
if 'username' not in session:
return redirect(url_for('page_login'))
2017-09-12 07:39:18 +00:00
rete = Rete.query.get(nid)
db.session.delete(rete)
db.session.commit()
return redirect(url_for('page_net_list'))
@app.route('/net_list')
def page_net_list():
if 'username' not in session:
return redirect(url_for('page_login'))
2017-09-12 07:39:18 +00:00
reti = Rete.query.all()
return render_template("net/list.htm", reti=reti, type="net", user=session["username"])
2017-09-11 15:31:20 +00:00
@app.route('/net_details/<int:nid>')
2017-09-12 07:39:18 +00:00
def page_net_details(nid):
2017-09-11 15:31:20 +00:00
if 'username' not in session:
return redirect(url_for('page_login'))
2017-09-12 07:39:18 +00:00
net = Rete.query.filter_by(nid=nid).first()
dispositivi = Dispositivo.query.join(Rete).filter_by(nid=nid).all()
subnet = subnet_to_string(net.subnet)
return render_template("net/details.htm", net=net, subnet=subnet, dispositivi=dispositivi, type="net",
2017-09-12 06:26:58 +00:00
user=session["username"])
2017-09-11 15:31:20 +00:00
@app.route('/user_list')
def page_user_list():
if 'username' not in session:
return redirect(url_for('page_login'))
utenti = User.query.all()
return render_template("user/list.htm", utenti=utenti, type="user", user=session["username"])
@app.route('/user_del/<int:uid>')
def page_user_del(uid):
if 'username' not in session:
return redirect(url_for('page_login'))
utente = User.query.get(uid)
db.session.delete(utente)
db.session.commit()
return redirect(url_for('page_user_list'))
@app.route('/user_add', methods=['GET', 'POST'])
def page_user_add():
if 'username' not in session:
return redirect(url_for('page_login'))
if request.method == 'GET':
return render_template("user/add.htm", type="user", user=session["username"])
else:
p = bytes(request.form["passwd"], encoding="utf-8")
cenere = bcrypt.hashpw(p, bcrypt.gensalt())
nuovo = User(request.form['username'], cenere)
db.session.add(nuovo)
db.session.commit()
return redirect(url_for('page_user_list'))
if __name__ == "__main__":
2017-09-12 07:39:18 +00:00
if not os.path.isfile("data.db"):
db.create_all()
try:
nuovapassword = bcrypt.hashpw(b"smecds", bcrypt.gensalt())
nuovouser = User('stagista', nuovapassword)
db.session.add(nuovouser)
retenulla = Rete(nome="Sconosciuta", network_ip="0.0.0.0", subnet=0, primary_dns="0.0.0.0",
secondary_dns="0.0.0.0")
db.session.add(retenulla)
db.session.commit()
except OperationalError:
2017-09-12 07:39:18 +00:00
db.session.rollback()
app.run(debug=True)