validations implemeented

2025-01-05 08:07:49 +03:00 · 2025-01-05 08:07:49 +03:00 · 7655b8b97a
commit 7655b8b97a
parent 6a11181075
2 changed files with 35 additions and 21 deletions
--- a/SWSCloudAdministrator/Administrator/tasks.py
+++ b/SWSCloudAdministrator/Administrator/tasks.py
@ -1,16 +1,14 @@
-# coding: utf-8
+"""Stack Web Services LLC"""

-# from uuid import uuid4
-# import validators
-
-from flask import Blueprint, flash, g, jsonify, redirect, render_template, request, session, url_for
-
-from SWSCloudCore.controllers.administrators import ControllerAdministrators
+import validators
+from flask import Blueprint, redirect, render_template, request, url_for
 from SWSCloudCore.controllers.tasks.manage import ControllerManageTasks
 from SWSCloudAdministrator.Administrator.common import requires_login
 from SWSCloudCore import models

-view_administrator_tasks = Blueprint('administrator_tasks', __name__, url_prefix='/administrator/tasks')
+view_administrator_tasks = Blueprint(
+    'administrator_tasks', __name__,
+    url_prefix='/administrator/tasks')


@view_administrator_tasks.route('/', methods=['GET'])
@ -25,23 +23,29 @@ def index():
@view_administrator_tasks.route('/edit.html', methods=['GET'])
@requires_login
 def edit():
-    task_id = request.args.get('task_id')
-
-    # TODO: check exists
-
+    task_id = request.form.get('task_id')
+    if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
+        return redirect(url_for('administrator_tasks.index'))
+    task = ControllerManageTasks().get_task(task_id)
    return render_template(
        'administrator/tasks/edit.html',
-        task=ControllerManageTasks().get_task(task_id))
+        task=task)


@view_administrator_tasks.route('/edit.html', methods=['POST'])
@requires_login
 def edit_post():
    task_id = request.form.get('task_id')
+    # todo: validate
+    status = request.form.get('status')

-    # TODO: check exists
-    x = models.Tasks.update(status=request.form.get('status')).where(models.Tasks.id == task_id)
-    x.execute()
+    if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
+        return redirect(url_for('administrator_tasks.index'))
+
+    task = models.Tasks.update(
+        status=status
+    ).where(models.Tasks.id == task_id)
+    task.execute()

    return redirect(url_for('administrator_tasks.edit', task_id=task_id))

@ -51,11 +55,13 @@ def edit_post():
 def delete():
    task_id = request.args.get('task_id')

-    # TODO: check exists
+    if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
+        return redirect(url_for('administrator_tasks.index'))

+    task = ControllerManageTasks().get_task(task_id)
    return render_template(
        'administrator/tasks/delete.html',
-        task=ControllerManageTasks().get_task(task_id)
+        task=task
    )


@ -64,8 +70,10 @@ def delete():
 def delete_post():
    task_id = request.form.get('task_id')

-    # TODO: check exists
-    x = models.Tasks.delete().where(models.Tasks.id == task_id)
-    x.execute()
+    if not validators.uuid(task_id) or not models.Tasks.exists(task_id):
+        return redirect(url_for('administrator_tasks.index'))
+
+    task = models.Tasks.delete().where(models.Tasks.id == task_id)
+    task.execute()

    return redirect(url_for('administrator_tasks.index'))
--- a/SWSCloudCore/models.py
+++ b/SWSCloudCore/models.py
@ -339,6 +339,12 @@ class Tasks(PgSQLModel):
            user=user_id,
            plain=json.dumps(plain))

+    @staticmethod
+    def exists(task_id):
+        if Tasks.select().where(Tasks.id == task_id).count() == 0:
+            return False
+        return True
+

 class Settings(PgSQLModel):
    """