Compare commits

..

No commits in common. "e615f774ad5443de8f30e5a5141f1379024c6674" and "a1c41349bd0fcf7daf43deb9f917097fe7003427" have entirely different histories.

10 changed files with 8 additions and 150 deletions

View File

@ -7,5 +7,5 @@ Installed-Size: 2000
Depends: gunicorn, python3-flask-sqlalchemy
Homepage: https://gitea.dmz.rs/Decentrala/taskmanager
Maintainer: Decentrala <dmz@dmz.rs>
Description: Interactive TODO list Web app
Version: 1.0.3
Description: Web app
Version: 1.0.2

View File

@ -2,11 +2,3 @@
/usr/bin/systemctl enable taskmanager.service
/var/taskmanager/init_db.py
/sbin/service taskmanager start
if [ -f /tmp/oldtaskmanagerconfig.ini ] ; then
cp /tmp/oldtaskmanagerconfig.ini /var/taskmanager/taskmanager/config.ini
rm /tmp/oldtaskmanagerconfig.ini
fi
if [ -f /tmp/oldtaskmanager.db ] ; then
cp /tmp/oldtaskmanager.db /var/taskmanager/instance/taskmanager.db
rm /tmp/oldtaskmanager.db
fi

View File

@ -1,6 +0,0 @@
if [ -f /var/taskmanager/taskmanager/config.ini ] ; then
cp /var/taskmanager/taskmanager/config.ini /tmp/oldtaskmanagerconfig.ini
fi
if [ -f /var/taskmanager/instance/taskmanager.db ] ; then
cp /var/taskmanager/instance/taskmanager.db /tmp/oldtaskmanager.db
fi

View File

@ -1,9 +1,3 @@
#!/bin/sh
/sbin/service taskmanager stop
/usr/bin/systemctl disable taskmanager.service
if [ -f /var/taskmanager/taskmanager/config.ini ] ; then
cp /var/taskmanager/taskmanager/config.ini /tmp/oldtaskmanagerconfig.ini
fi
if [ -f /var/taskmanager/instance/taskmanager.db ] ; then
cp /var/taskmanager/instance/taskmanager.db /tmp/oldtaskmanager.db
fi

View File

@ -1,2 +0,0 @@
[credentials]
ADMINPASS = defaultpassword

View File

@ -4,7 +4,6 @@ class Task(db.Model):
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String, nullable=False)
desc = db.Column(db.String, nullable=True)
creatorid = db.Column(db.Integer, nullable=True)
class User(db.Model):
id = db.Column(db.Integer, primary_key=True)

View File

@ -2,14 +2,6 @@ from flask import render_template, request, redirect
from taskmanager import app, db
from taskmanager.functions import *
from taskmanager.models import *
import configparser
CONFIG_PATH = "/var/taskmanager/taskmanager/config.ini"
config = configparser.ConfigParser()
config.read(CONFIG_PATH)
ADMINPASS = config.get('credentials', 'ADMINPASS')
@app.route('/', methods=['GET'])
def index():
@ -23,28 +15,7 @@ def addtask():
elif request.method == 'POST':
taskname = request.form['taskname']
taskdesc = request.form['taskdesc']
username = request.form['username']
# Input sanitation
if not taskname.isalnum():
return "Task name has to be made only of letters or numbers."
if not username.isalnum():
return "Username has to be made only of letters or numbers."
if not taskdesc.isprintable():
return "Task description has to be made of printable characters."
if len(taskname) < 1 or len(taskname) > 40:
return "Task name lenght invalid, only smaller then 40 charachters allowed"
if len(taskdesc) > 2000:
return "Task description lenght invalid, only smaller then 2000 charachters allowed"
if username == "":
creatorid = None
else:
try:
creatorid = User.query.filter_by(username = username).first().id
except:
return 'No user with this username. Please <a href="/register">register</a>.'
if creatorid is None:
return 'No user with this username. Please <a href="/register">register</a>.'
sqladdtask = Task(name = taskname, desc = taskdesc, creatorid = creatorid)
sqladdtask = Task(name = taskname, desc = taskdesc)
try:
db.session.add(sqladdtask)
db.session.commit()
@ -60,18 +31,6 @@ def register():
username = request.form['username']
contact = request.form['contact']
password = request.form['password']
if not username.isalnum():
return "Username has to be made only of letters or numbers."
if not contact.isprintable():
return "Contact information has to be made of printable characters."
if not password.isprintable():
return "Password has to be made of printable characters."
if len(username) < 1 or len(username) > 40:
return "Username lenght invalid, only smaller then 40 charachters allowed"
if len(contact) > 100:
return "Contact lenght invalid, only smaller then 100 charachters allowed"
if len(password) > 500:
return "Password lenght invalid, only smaller then 500 charachters allowed"
sqladduser = User(username = username, contact = contact, password = password)
try:
db.session.add(sqladduser)
@ -86,27 +45,21 @@ def register():
@app.route('/projects/<int:task_id>', methods=['GET','POST'])
def project(task_id:int):
try:
task = Task.query.get(task_id)
except:
return 'Task not found, bad URL'
if task is None:
return 'Task not found, bad URL'
users = gettaskusers(task_id)
if request.method == 'GET':
try:
task = Task.query.get(task_id)
except:
return 'Task not found, bad URL'
return render_template("project.html", task = task, users = users)
elif request.method == 'POST':
username = request.form['username']
if len(username) < 1 or len(username) > 40:
return "Username lenght invalid, only smaller then 40 charachters allowed"
if username in users:
return 'User already added to task'
try:
userid = User.query.filter_by(username = username).first().id
except:
return 'User not found, please <a href="/register">register</a>.'
if userid is None:
return 'User not found, please <a href="/register">register</a>.'
sqladduser = TaskUser(userid = userid, taskid = task_id)
try:
db.session.add(sqladduser)
@ -115,36 +68,3 @@ def project(task_id:int):
except:
return 'Adding user failed'
@app.route('/projects/<int:task_id>/del', methods=['GET','POST'])
def deltask(task_id:int):
try:
task = Task.query.get(task_id)
except:
return 'Task not found, bad URL'
if task is None:
return 'Task not found, bad URL'
creatorid = task.creatorid
if request.method == 'GET':
if creatorid is None:
try:
db.session.delete(task)
db.session.commit()
return 'Task deleted'
except:
return 'Deleting task failed'
else:
return render_template('deltask.html', task = task)
if request.method == 'POST':
password = request.form['password']
if len(password) < 1 or len(password) > 500:
return "Password lenght invalid, only smaller then 500 charachters allowed"
# Check password
if password != ADMINPASS and password != User.query.get(creatorid).password:
return 'Wrong password'
# Delete task
try:
db.session.delete(task)
db.session.commit()
return 'Task deleted'
except:
return 'Deleting task failed'

View File

@ -25,11 +25,7 @@
</div>
<div class="form-input">
<label for="taskdesc" class="label">Description:</label>
<input type="text" name="taskdesc" id="taskdesc" placeholder="optional"/>
</div>
<div class="form-input">
<label for="username" class="label">Username:</label>
<input type="text" name="username" id="username" placeholder="optional"/>
<input type="text" name="taskdesc" id="taskdesc" required />
</div>
<div class="btn-wrap">
<button class="btn">Submit</button>

View File

@ -1,34 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<link rel="stylesheet" href="/static/style.css" />
<title>Delete task</title>
</head>
<body>
<header>
<nav class="container">
<ul>
<li class="current"><a href="/">Home</a></li>
<li><a href="/register">Register</a></li>
</ul>
</nav>
</header>
<main class="container page page-addtask">
<h1>Create new task</h1>
<div class="form-wrap">
<form action="/projects/{{task.id}}/del" method="POST">
<p> Task creator's password <p>
<div class="form-input">
<label for="password" class="label">password:</label>
<input type="password" name="password" id="password" required />
</div>
<div class="btn-wrap">
<button class="btn">DELETE</button>
</div>
</div>
</form>
</main>
</body>
</html>

View File

@ -43,7 +43,6 @@
<button class="btn">Submit</button>
</div>
</form>
<p><a href="/projects/{{task.id}}/del">DELETE TASK</a><p>
</div>
</div>
</section>