neuer stand

inventorysystem/config.toml

@@ -1,2 +1,2 @@
-DSN = "service=db dbname=inventarsystem password=kail0eiShaht2voh4rei user=adnidor_static"
+DSN = "dbname=inventarsystem dbname=inventarsystem host=/tmp"
 LDAP_URI = "ldap://ldap.yannik.intern.yannikenss.de"

inventorysystem/templates/base.html

@@ -3,6 +3,7 @@
     <title>{% block title %}AStA-Inventarsystem{% endblock %}</title>
 </head>
 <body>
+<a href=/>Home</a> Logged in as {{session.full_name}} ({{session.username}})<br>
     {% block content %}{% endblock %}
 </body
 </html>

inventorysystem/templates/index.html

@@ -1,4 +1,6 @@
 {% extends "base.html" %}
 {% block content %}
 Logged in as {{session.full_name}} ({{session.username}})
+
+<a href=/oes>Show OEs</a>
 {% endblock %}

inventorysystem/templates/list_oes.html

@@ -0,0 +1,8 @@
+{% extends "base.html" %}
+{% block content %}
+<h1>OEs</h1>
+
+{% for id,name in dbresult %}
+<a href=/inventory/{{ id }}>{{name}}</a>
+{% endfor %}
+{% endblock %}

inventorysystem/templates/show_inventory.html

@@ -0,0 +1,8 @@
+{% extends "base.html" %}
+{% block content %}
+<h1>Inventar</h1>
+<h2>{{oe_name}}</h2>
+{% for entry in dbresult %}
+{{entry}}<br>
+{% endfor %}
+{% endblock %}

inventorysystem/views.py

@@ -7,12 +7,13 @@ from inventorysystem import app
 def show_message(message):
     return flask.render_template("message.html", message=message)
 
-def user_has_permission(user_id, permission, oe=None)
+def user_has_permission(user_id, permission, oe=None):
     db = psycopg2.connect(app.config["DSN"])
     cur = db.cursor()
-    cur.execute("select count(*) from permissions where id=%s and permission=%s and (oe=%s or oe=NULL)", (user_id, permission, oe))
+    cur.execute("select count(*) from permissions where \"user\"=%s and permission=%s and (oe=%s or oe is NULL)", (user_id, permission, oe))
     allowed = cur.fetchone()[0] > 0
     db.close()
+    return allowed
 
 def login_required(f):
     @functools.wraps(f)
@@ -64,4 +65,32 @@ def login():
 
         return flask.redirect(flask.url_for("index"))
 
+@app.route("/oes")
+@login_required
+def list_oes():
+    db = psycopg2.connect(app.config["DSN"])
+    cur = db.cursor()
+    cur.execute("select id, name from organizational_units")
+    result = cur.fetchall()
+    db.close()
+    
+    return flask.render_template("list_oes.html", dbresult=result)
+
+
+@app.route("/inventory/<int:oe>")
+def show_inventory(oe):
+    if not user_has_permission(session["user_id"], "show_inventory", oe):
+        return show_message("Permission denied"), 403
+
+    db = psycopg2.connect(app.config["DSN"])
+    cur = db.cursor()
+    cur.execute("select id,serial,innenauftrag,description,location,purchase_date,old_inventory_id from inventory where oe=%s", (oe,))
+    result = cur.fetchall()
+    cur.execute("select name from organizational_units where id=%s", (oe,))
+    oe_name = cur.fetchone()[0]
+    db.close()
+
+    return flask.render_template("show_inventory.html", dbresult=result, oe_name=oe_name)
+        
+
 

schema.psql

@@ -1,211 +1,31 @@
---
--- PostgreSQL database dump
---
+CREATE TABLE organizational_units (
+    id serial NOT NULL PRIMARY KEY,
+    name integer NOT NULL
+);
 
--- Dumped from database version 13.8 (Debian 13.8-0+deb11u1)
--- Dumped by pg_dump version 14.5
+CREATE TABLE users (
+    id serial NOT NULL PRIMARY KEY,
+    username character varying NOT NULL,
+    full_name character varying NOT NULL,
+    password character varying NOT NULL
+);
 
-SET statement_timeout = 0;
-SET lock_timeout = 0;
-SET idle_in_transaction_session_timeout = 0;
-SET client_encoding = 'SQL_ASCII';
-SET standard_conforming_strings = on;
-SELECT pg_catalog.set_config('search_path', '', false);
-SET check_function_bodies = false;
-SET xmloption = content;
-SET client_min_messages = warning;
-SET row_security = off;
-
-SET default_tablespace = '';
-
-SET default_table_access_method = heap;
-
---
--- Name: inventory; Type: TABLE; Schema: public; Owner: adnidor
---
-
-CREATE TABLE public.inventory (
-    id uuid DEFAULT gen_random_uuid() NOT NULL,
+CREATE TABLE inventory (
+    id uuid DEFAULT gen_random_uuid() NOT NULL PRIMARY KEY,
     serial character varying,
     innenauftrag character varying NOT NULL,
     description character varying NOT NULL,
-    oe integer NOT NULL,
+    oe integer NOT NULL REFERENCES organizational_units,
     location text NOT NULL,
     purchase_date timestamp with time zone NOT NULL,
     purchase_price money NOT NULL,
     old_inventory_id character varying
 );
 
-
-ALTER TABLE public.inventory OWNER TO adnidor;
-
---
--- Name: organizational_units; Type: TABLE; Schema: public; Owner: adnidor
---
-
-CREATE TABLE public.organizational_units (
-    id integer NOT NULL,
-    name integer NOT NULL
-);
-
-
-ALTER TABLE public.organizational_units OWNER TO adnidor;
-
---
--- Name: permissions; Type: TABLE; Schema: public; Owner: adnidor
---
-
-CREATE TABLE public.permissions (
-    id integer NOT NULL,
-    "user" integer NOT NULL,
-    oe integer,
+CREATE TABLE permissions (
+    id serial NOT NULL PRIMARY KEY,
+    "user" integer NOT NULL REFERENCES users,
+    oe integer REFERENCES organizational_units,
     permission character varying NOT NULL
 );
 
-
-ALTER TABLE public.permissions OWNER TO adnidor;
-
---
--- Name: permissions_id_seq; Type: SEQUENCE; Schema: public; Owner: adnidor
---
-
-CREATE SEQUENCE public.permissions_id_seq
-    AS integer
-    START WITH 1
-    INCREMENT BY 1
-    NO MINVALUE
-    NO MAXVALUE
-    CACHE 1;
-
-
-ALTER TABLE public.permissions_id_seq OWNER TO adnidor;
-
---
--- Name: permissions_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: adnidor
---
-
-ALTER SEQUENCE public.permissions_id_seq OWNED BY public.permissions.id;
-
-
---
--- Name: users; Type: TABLE; Schema: public; Owner: adnidor
---
-
-CREATE TABLE public.users (
-    id integer NOT NULL,
-    username character varying NOT NULL,
-    full_name character varying NOT NULL,
-    password character varying NOT NULL
-);
-
-
-ALTER TABLE public.users OWNER TO adnidor;
-
---
--- Name: users_id_seq; Type: SEQUENCE; Schema: public; Owner: adnidor
---
-
-CREATE SEQUENCE public.users_id_seq
-    AS integer
-    START WITH 1
-    INCREMENT BY 1
-    NO MINVALUE
-    NO MAXVALUE
-    CACHE 1;
-
-
-ALTER TABLE public.users_id_seq OWNER TO adnidor;
-
---
--- Name: users_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: adnidor
---
-
-ALTER SEQUENCE public.users_id_seq OWNED BY public.users.id;
-
-
---
--- Name: permissions id; Type: DEFAULT; Schema: public; Owner: adnidor
---
-
-ALTER TABLE ONLY public.permissions ALTER COLUMN id SET DEFAULT nextval('public.permissions_id_seq'::regclass);
-
-
---
--- Name: users id; Type: DEFAULT; Schema: public; Owner: adnidor
---
-
-ALTER TABLE ONLY public.users ALTER COLUMN id SET DEFAULT nextval('public.users_id_seq'::regclass);
-
-
---
--- Name: inventory inventory_id; Type: CONSTRAINT; Schema: public; Owner: adnidor
---
-
-ALTER TABLE ONLY public.inventory
-    ADD CONSTRAINT inventory_id PRIMARY KEY (id);
-
-
---
--- Name: organizational_units organizational_units_id; Type: CONSTRAINT; Schema: public; Owner: adnidor
---
-
-ALTER TABLE ONLY public.organizational_units
-    ADD CONSTRAINT organizational_units_id PRIMARY KEY (id);
-
-
---
--- Name: permissions permissions_pkey; Type: CONSTRAINT; Schema: public; Owner: adnidor
---
-
-ALTER TABLE ONLY public.permissions
-    ADD CONSTRAINT permissions_pkey PRIMARY KEY (id);
-
-
---
--- Name: users users_pkey; Type: CONSTRAINT; Schema: public; Owner: adnidor
---
-
-ALTER TABLE ONLY public.users
-    ADD CONSTRAINT users_pkey PRIMARY KEY (id);
-
-
---
--- Name: inventory inventory_oe_fkey; Type: FK CONSTRAINT; Schema: public; Owner: adnidor
---
-
-ALTER TABLE ONLY public.inventory
-    ADD CONSTRAINT inventory_oe_fkey FOREIGN KEY (oe) REFERENCES public.organizational_units(id);
-
-
---
--- Name: TABLE inventory; Type: ACL; Schema: public; Owner: adnidor
---
-
-GRANT ALL ON TABLE public.inventory TO adnidor_static;
-
-
---
--- Name: TABLE organizational_units; Type: ACL; Schema: public; Owner: adnidor
---
-
-GRANT ALL ON TABLE public.organizational_units TO adnidor_static;
-
-
---
--- Name: TABLE permissions; Type: ACL; Schema: public; Owner: adnidor
---
-
-GRANT ALL ON TABLE public.permissions TO adnidor_static;
-
-
---
--- Name: TABLE users; Type: ACL; Schema: public; Owner: adnidor
---
-
-GRANT ALL ON TABLE public.users TO adnidor_static;
-
-
---
--- PostgreSQL database dump complete
---
-