validations implemeented

SWSCloudAdministrator/Administrator/tasks.py

@@ -1,16 +1,14 @@
-# coding: utf-8
+"""Stack Web Services LLC"""
 
-# from uuid import uuid4
+import validators
-# import validators
+from flask import Blueprint, redirect, render_template, request, url_for
-
-from flask import Blueprint, flash, g, jsonify, redirect, render_template, request, session, url_for
-
-from SWSCloudCore.controllers.administrators import ControllerAdministrators
 from SWSCloudCore.controllers.tasks.manage import ControllerManageTasks
 from SWSCloudAdministrator.Administrator.common import requires_login
 from SWSCloudCore import models
 
-view_administrator_tasks = Blueprint('administrator_tasks', __name__, url_prefix='/administrator/tasks')
+view_administrator_tasks = Blueprint(
+    'administrator_tasks', __name__,
+    url_prefix='/administrator/tasks')
 
 
 @view_administrator_tasks.route('/', methods=['GET'])
@@ -25,23 +23,29 @@ def index():
 @view_administrator_tasks.route('/edit.html', methods=['GET'])
 @requires_login
 def edit():
-    task_id = request.args.get('task_id')
+    task_id = request.form.get('task_id')
-
+    if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
-    # TODO: check exists
+        return redirect(url_for('administrator_tasks.index'))
-
+    task = ControllerManageTasks().get_task(task_id)
     return render_template(
         'administrator/tasks/edit.html',
-        task=ControllerManageTasks().get_task(task_id))
+        task=task)
 
 
 @view_administrator_tasks.route('/edit.html', methods=['POST'])
 @requires_login
 def edit_post():
     task_id = request.form.get('task_id')
+    # todo: validate
+    status = request.form.get('status')
 
-    # TODO: check exists
+    if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
-    x = models.Tasks.update(status=request.form.get('status')).where(models.Tasks.id == task_id)
+        return redirect(url_for('administrator_tasks.index'))
-    x.execute()
+
+    task = models.Tasks.update(
+        status=status
+    ).where(models.Tasks.id == task_id)
+    task.execute()
 
     return redirect(url_for('administrator_tasks.edit', task_id=task_id))
 
@@ -51,11 +55,13 @@ def edit_post():
 def delete():
     task_id = request.args.get('task_id')
 
-    # TODO: check exists
+    if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
+        return redirect(url_for('administrator_tasks.index'))
 
+    task = ControllerManageTasks().get_task(task_id)
     return render_template(
         'administrator/tasks/delete.html',
-        task=ControllerManageTasks().get_task(task_id)
+        task=task
     )
 
 
@@ -64,8 +70,10 @@ def delete():
 def delete_post():
     task_id = request.form.get('task_id')
 
-    # TODO: check exists
+    if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
-    x = models.Tasks.delete().where(models.Tasks.id == task_id)
+        return redirect(url_for('administrator_tasks.index'))
-    x.execute()
+
+    task = models.Tasks.delete().where(models.Tasks.id == task_id)
+    task.execute()
 
     return redirect(url_for('administrator_tasks.index'))

SWSCloudCore/models.py

@@ -339,6 +339,12 @@ class Tasks(PgSQLModel):
             user=user_id,
             plain=json.dumps(plain))
 
+    @staticmethod
+    def exists(task_id):
+        if Tasks.select().where(Tasks.id == task_id).count() == 0:
+            return False
+        return True
+
 
 class Settings(PgSQLModel):
     """