From 7655b8b97a2792aa3f7328ad0de7921844fa4559 Mon Sep 17 00:00:00 2001
From: viacheslav anzhiganov
Date: Sun, 5 Jan 2025 08:07:49 +0300
Subject: [PATCH] validations implemeented
---
 SWSCloudAdministrator/Administrator/tasks.py | 50 ++++++++++++--------
 SWSCloudCore/models.py | 6 +++
 2 files changed, 35 insertions(+), 21 deletions(-)
diff --git a/SWSCloudAdministrator/Administrator/tasks.py b/SWSCloudAdministrator/Administrator/tasks.py
index 483719e..c0bcd08 100644
--- a/SWSCloudAdministrator/Administrator/tasks.py
+++ b/SWSCloudAdministrator/Administrator/tasks.py
@@ -1,16 +1,14 @@
-# coding: utf-8
+"""Stack Web Services LLC"""
-# from uuid import uuid4
-# import validators
-
-from flask import Blueprint, flash, g, jsonify, redirect, render_template, request, session, url_for
-
-from SWSCloudCore.controllers.administrators import ControllerAdministrators
+import validators
+from flask import Blueprint, redirect, render_template, request, url_for
 from SWSCloudCore.controllers.tasks.manage import ControllerManageTasks
 from SWSCloudAdministrator.Administrator.common import requires_login
 from SWSCloudCore import models
-view_administrator_tasks = Blueprint('administrator_tasks', __name__, url_prefix='/administrator/tasks')
+view_administrator_tasks = Blueprint(
+ 'administrator_tasks', __name__,
+ url_prefix='/administrator/tasks')
 @view_administrator_tasks.route('/', methods=['GET'])
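Review bot: No dependency manifest changes alongside the new `import validators`; the diffstat lists only tasks.py and models.py. If the project does not already declare `validators`, this blueprint will fail at import time on a clean install, so it should be declared with a pinned version in the same commit. The new module docstring `"""Stack Web Services LLC"""` names the company rather than the module; something like `"""Administrator views for listing, editing and deleting tasks."""` would say what the file is for.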
@@ -25,23 +23,29 @@ def index():
 @view_administrator_tasks.route('/edit.html', methods=['GET'])
 @requires_login
 def edit():
- task_id = request.args.get('task_id')
-
- # TODO: check exists
-
+ task_id = request.form.get('task_id')
+ if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
+ return redirect(url_for('administrator_tasks.index'))
+ task = ControllerManageTasks().get_task(task_id)
 return render_template(
 'administrator/tasks/edit.html',
- task=ControllerManageTasks().get_task(task_id))
+ task=task)
 @view_administrator_tasks.route('/edit.html', methods=['POST'])
 @requires_login
 def edit_post():
 task_id = request.form.get('task_id')
+ # todo: validate
+ status = request.form.get('status')
- # TODO: check exists
- x = models.Tasks.update(status=request.form.get('status')).where(models.Tasks.id == task_id)
- x.execute()
+ if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
+ return redirect(url_for('administrator_tasks.index'))
+
+ task = models.Tasks.update(
+ status=status
+ ).where(models.Tasks.id == task_id)
+ task.execute()
 return redirect(url_for('administrator_tasks.edit', task_id=task_id))
@@ -51,11 +55,13 @@ def edit_post():
 def delete():
 task_id = request.args.get('task_id')
- # TODO: check exists
+ if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
+ return redirect(url_for('administrator_tasks.index'))
+ task = ControllerManageTasks().get_task(task_id)
 return render_template(
 'administrator/tasks/delete.html',
- task=ControllerManageTasks().get_task(task_id)
+ task=task
 )
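Review bot: In `edit()`, which is registered for GET only, `task_id` is now read from `request.form`; a GET request carries no form body, so the new guard fails and the edit page always redirects to the index. `edit_post()` itself redirects here with `task_id` in the query string, so the line should stay `task_id = request.args.get('task_id')`, as `delete()` still does. In `edit_post()` the `# todo: validate` marker leaves `status` unchecked: a missing field reaches `Tasks.update(...)` as `None` and any other string is written as-is. Compare it against the statuses the model allows before updating (that set is not visible in this patch).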
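Review bot: The guard `if not validators.uuid(task_id) or not models.Tasks.exists(task_id):` followed by the redirect in `delete()` is the same two lines pasted into `edit()`, `edit_post()` and `delete_post()`; one private module-level helper that takes `task_id` and returns a bool would keep the four handlers from drifting apart. The rejected branch is also silent: the commit drops the `flash` import, so the administrator sees no message and nothing is recorded when a malformed or unknown id is submitted. A `flash(...)` message or a log line with the rejected value would make both mistakes and repeated bad requests visible.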
@@ -64,8 +70,10 @@ def delete():
 def delete_post():
 task_id = request.form.get('task_id')
- # TODO: check exists
- x = models.Tasks.delete().where(models.Tasks.id == task_id)
- x.execute()
+ if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
+ return redirect(url_for('administrator_tasks.index'))
+
+ task = models.Tasks.delete().where(models.Tasks.id == task_id)
+ task.execute()
 return redirect(url_for('administrator_tasks.index'))
diff --git a/SWSCloudCore/models.py b/SWSCloudCore/models.py
index b82bc49..8f3056d 100644
--- a/SWSCloudCore/models.py
+++ b/SWSCloudCore/models.py
@@ -339,6 +339,12 @@ class Tasks(PgSQLModel):
 user=user_id,
 plain=json.dumps(plain))
+ @staticmethod
+ def exists(task_id):
+ if Tasks.select().where(Tasks.id == task_id).count() == 0:
+ return False
+ return True
+
 class Settings(PgSQLModel):
 """
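Review bot: In `delete_post()` the name `task` is bound to a delete query, not to a task row, and the result of `task.execute()` is discarded; `edit_post()` does the same with its update query. A name such as `query` reads correctly. If `PgSQLModel` is a peewee model, as the query API suggests, `execute()` returns the number of affected rows, which is the authoritative answer to whether anything was deleted, since the separate `Tasks.exists()` check can be stale by the time the delete runs. Recording that count together with the acting administrator would also leave an audit trail for a destructive action.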
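Review bot: `Tasks.exists()` has no docstring and passes `task_id` straight into the `Tasks.id` comparison, so it relies on callers having validated the value. The handlers in tasks.py do so only because `validators.uuid(...)` comes first in their `or`; if `id` is a UUID column, a malformed string would presumably raise in the database layer instead of returning False. A docstring such as `"""Return True if a task with this id exists; task_id must already be a valid UUID string."""` would record that precondition. The body can also be a single `return Tasks.select().where(Tasks.id == task_id).count() > 0`.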