update

2024-12-09 20:30:19 +01:00
parent d080b6287c
commit 9b5f3b23fb
13 changed files with 636 additions and 43 deletions
--- a/web/app.py
+++ b/web/app.py
@@ -1,8 +1,10 @@
 from flask import Flask, render_template, request, redirect, url_for, flash, session
 import logging
 from datetime import datetime
-import sqlite3
 from werkzeug.security import check_password_hash, generate_password_hash
+from db import get_db_connection, fetch_users, fetch_orders, fetch_roles, fetch_repairs, fetch_employees
+from auth import encrypt_password, check_password
+import random

 app = Flask(__name__)
 app.secret_key = 'aezakmi'
@@ -30,32 +32,6 @@ def log_request(response):
    app.logger.info(f"{client_ip} - - [{request.date}] \"{request.method} {request.full_path} {request.environ.get('SERVER_PROTOCOL')}\" {response.status_code}")
    return response
 # ----------------- End of logging part -----------------
-# Database connection
-def get_db_connection():
-    conn = sqlite3.connect('./static/db/db.sqlite')
-    conn.row_factory = sqlite3.Row
-    return conn
-
-# Function to convert row to dictionary
-def dict_from_row(row):
-    return {key: row[key] for key in row.keys()}
-
-# Function to fetch users from database
-def fetch_users(role_id):
-    conn = get_db_connection()
-    users = conn.execute('SELECT * FROM Zamestnanci WHERE Role_ID >= ?', (role_id,)).fetchall()
-    users = [dict_from_row(user) for user in users]
-    conn.close()
-    app.logger.debug(f"Fetched users: {users}")
-    return users
-
-# Function to encrypt password
-def encrypt_password(password):
-    return generate_password_hash(password)
-
-# Function to check password
-def check_password(stored_password, provided_password):
-    return check_password_hash(stored_password, provided_password)

 # Routes
@app.route('/logout')
@@ -117,7 +93,9 @@ def administrator():
        flash('Nemáte oprávnění k přístupu na tuto stránku.', 'error')
        return redirect(url_for('login'))
    users = fetch_users(session.get('role_id'))
-    return render_template('administrator.html', users=users)
+    orders = fetch_orders()
+    roles = fetch_roles()
+    return render_template('administrator.html', users=users, orders=orders, roles=roles)

@app.route('/create_user', methods=['GET', 'POST'])
 def create_user():
@@ -205,6 +183,137 @@ def delete_user(user_id):
    conn.close()
    return redirect(url_for('administrator'))

+@app.route('/edit_order/<int:order_id>', methods=['GET', 'POST'])
+def edit_order(order_id):
+    if not session.get('logged_in') or session.get('role_id') != 1:
+        flash('Nemáte oprávnění k přístupu na tuto stránku.', 'error')
+        return redirect(url_for('login'))
+    
+    conn = get_db_connection()
+    order = conn.execute('SELECT * FROM Objednavky WHERE ID_Objednavky = ?', (order_id,)).fetchone()
+    
+    if request.method == 'POST':
+        stav = request.form['stav']
+        id_zamestnance = request.form['id_zamestnance']
+        popis = request.form['popis']
+        datum_konce = request.form['datum_konce']
+        
+        conn.execute('UPDATE Objednavky SET Stav = ?, ID_Zamestnance = ?, Popis = ?, Datum_Konce = ? WHERE ID_Objednavky = ?',
+                     (stav, id_zamestnance, popis, datum_konce, order_id))
+        
+        conn.commit()
+        conn.close()
+        
+        flash('Objednávka byla úspěšně aktualizována.')
+        return redirect(url_for('administrator'))
+    
+    conn.close()
+    return render_template('edit_order.html', order=order)
+
+@app.route('/repairs')
+def repairs():
+    if not session.get('logged_in'):
+        flash('Nemáte oprávnění k přístupu na tuto stránku.', 'error')
+        return redirect(url_for('login'))
+    repairs = fetch_repairs()
+    return render_template('repairs.html', repairs=repairs)
+
+@app.route('/create_repair', methods=['GET', 'POST'])
+def create_repair():
+    if not session.get('logged_in') or session.get('role_id') != 1:
+        flash('Nemáte oprávnění k přístupu na tuto stránku.', 'error')
+        return redirect(url_for('login'))
+    
+    if request.method == 'POST':
+        id_zamestnance = request.form['id_zamestnance']
+        nazev = request.form['nazev']
+        popis = request.form['popis']
+        
+        conn = get_db_connection()
+        try:
+            conn.execute('INSERT INTO Opravy (ID_Zamestnance, Nazev, Popis) VALUES (?, ?, ?)',
+                         (id_zamestnance, nazev, popis))
+            conn.commit()
+            flash('Nová oprava byla úspěšně vytvořena.', 'success')
+            return redirect(url_for('repairs'))
+        except sqlite3.Error as e:
+            flash(f'Chyba při vytváření opravy: {e}', 'error')
+        finally:
+            conn.close()
+    
+    employees = fetch_employees()
+    return render_template('create_repair.html', employees=employees)
+
+@app.route('/edit_repair/<int:repair_id>', methods=['GET', 'POST'])
+def edit_repair(repair_id):
+    if not session.get('logged_in') or session.get('role_id') != 1:
+        flash('Nemáte oprávnění k přístupu na tuto stránku.', 'error')
+        return redirect(url_for('login'))
+    
+    conn = get_db_connection()
+    repair = conn.execute('SELECT * FROM Opravy WHERE ID_Opravy = ?', (repair_id,)).fetchone()
+    
+    if request.method == 'POST':
+        id_zamestnance = request.form['id_zamestnance']
+        nazev = request.form['nazev']
+        popis = request.form['popis']
+        
+        conn.execute('UPDATE Opravy SET ID_Zamestnance = ?, Nazev = ?, Popis = ? WHERE ID_Opravy = ?',
+                     (id_zamestnance, nazev, popis, repair_id))
+        conn.commit()
+        conn.close()
+        
+        flash('Oprava byla úspěšně aktualizována.')
+        return redirect(url_for('repairs'))
+    
+    employees = fetch_employees()
+    conn.close()
+    return render_template('edit_repair.html', repair=repair, employees=employees)
+
+@app.route('/delete_repair/<int:repair_id>', methods=['POST'])
+def delete_repair(repair_id):
+    if not session.get('logged_in') or session.get('role_id') != 1:
+        flash('Nemáte oprávnění k přístupu na tuto stránku.', 'error')
+        return redirect(url_for('login'))
+    
+    conn = get_db_connection()
+    conn.execute('DELETE FROM Opravy WHERE ID_Opravy = ?', (repair_id,))
+    conn.commit()
+    conn.close()
+    
+    flash('Oprava byla úspěšně smazána.')
+    return redirect(url_for('repairs'))
+
+@app.route('/create_reservation', methods=['POST'])
+def create_reservation():
+    full_name = request.form['fullName']
+    email = request.form['email']
+    date = request.form['date']
+    description = request.form['description']
+    
+    # Convert date to DD.MM.YYYY format
+    formatted_date = datetime.strptime(date, '%Y-%m-%d').strftime('%d.%m.%Y')
+    
+    conn = get_db_connection()
+    try:
+        # Fetch a random user with role_id 2
+        user = conn.execute('SELECT ID_Uzivatele FROM Zamestnanci WHERE Role_ID = 2 ORDER BY RANDOM() LIMIT 1').fetchone()
+        if user:
+            user_id = user['ID_Uzivatele']
+        else:
+            user_id = 1  # Fallback to a default user ID if no user with role_id 2 is found
+        
+        conn.execute('INSERT INTO Objednavky (Stav, ID_Zamestnance, Popis, ID_Vozidla, Datum_Zacatku, Cena) VALUES (?, ?, ?, ?, ?, ?)',
+                     ('Nová', user_id, description, 1, formatted_date, 0.0))  # Example values for ID_Vozidla
+        conn.commit()
+        flash('Rezervace byla úspěšně vytvořena.', 'success')
+    except sqlite3.Error as e:
+        flash(f'Chyba při vytváření rezervace: {e}', 'error')
+    finally:
+        conn.close()
+    
+    return redirect(url_for('home'))
+
 # Always redirect back home
@app.errorhandler(404)
 def default_page(e):