Require login for bericht.

[philipp/winterrodeln/wradmin.git] / wradmin / __init__.py

from flask import Flask, send_from_directory, abort, g, render_template, request, redirect, url_for, flash
from sqlalchemy.engine import create_engine
import wradmin.model
import wradmin.template_helper
from wradmin.controllers.rodelbahn import RodelbahnController
from wradmin.controllers.gasthaus import GasthausController
from wradmin.controllers.bericht import BerichtController
from wradmin.controllers.coordtool import CoordtoolController
from wradmin.auth import password_is_correct
from wradmin.auth.forms import LoginForm
from flask_login import LoginManager, current_user, login_required, login_user, logout_user


app = Flask(__name__)
app.config.from_envvar('WRADMIN_SETTINGS')
wradmin.model.init_model(create_engine(app.config['DATABASE_URI']))
app.jinja_env.globals.update(h=wradmin.template_helper.PylonsHelper())
login_manager = LoginManager(app)
login_manager.login_view = "login"


@app.before_request
def _before_request():
    g.user = current_user


@app.teardown_appcontext
def remove_db_session(error):
    """Removes the database session at the end of the request."""
    wradmin.model.meta.Session.remove()


@app.route("/")
def index():
    return render_template('index.html')


@app.route("/rodelbahn/list")
def rodelbahn_list():
    return RodelbahnController().list()


@app.route("/rodelbahn/view/<int:id>")
def rodelbahn_view(id):
    return RodelbahnController().view(id)


@app.route("/rodelbahn/update")
def rodelbahn_update():
    return RodelbahnController().update()


@app.route("/rodelbahn/update_regioncache")
def rodelbahn_update_regioncache():
    return RodelbahnController().update_regioncache()

@app.route("/rodelbahn/update_mapcache")
def rodelbahn_update_mapcache():
    return RodelbahnController().update_mapcache()

@app.route("/bericht/list")
@login_required
def bericht_list():
    return BerichtController().list()


@app.route("/bericht/view/<int:id>")
@login_required
def bericht_view(id):
    return BerichtController().view(id)


@app.route("/bericht/change_date_invalid/<int:id>", methods=['POST'])
@login_required
def bericht_change_date_invalid(id):
    return BerichtController().change_date_invalid(id)


@app.route("/bericht/update_reportcache")
def bericht_update_reportcache():
    return BerichtController().update_reportcache()


@app.route("/gasthaus/list")
def gasthaus_list():
    return GasthausController().list()


@app.route("/gasthaus/view/<int:id>")
def gasthaus_view(id):
    return GasthausController().view(id)


@app.route("/gasthaus/update")
def gasthaus_update():
    return GasthausController().update()


@app.route("/coordtool/index")
def coordtool_index():
    return CoordtoolController().index()


@app.route("/coordtool/convert", methods=['POST'])
def coordtool_convert():
    return CoordtoolController().convert()


@app.route("/login", methods=['GET', 'POST'])
def login():
    form = LoginForm()
    if form.validate_on_submit():
        user = wradmin.model.meta.Session.query(wradmin.model.MwUser).filter_by(user_name=form.user_name.data).first()
        if user is not None and password_is_correct(form.password.data, user.user_password.decode()):
            login_user(user, form.remember_me.data)
            next = request.args.get('next')
            if next is None or not next.startswith('/'):
                next = url_for('index')
            flash('Sie sind nun angemeldet.')
            return redirect(next)
        flash('Ungülter Benutzername oder ungültiges Passwort.')
    return render_template('auth/login.html', form=form)


@app.route("/logout")
def logout():
    logout_user()
    flash('Sie wurden ausgeloggt.')
    return redirect(url_for('index'))


@login_manager.user_loader
def user_loader(user_id):
    return wradmin.model.meta.Session.query(wradmin.model.MwUser).get(user_id)