Compare commits

...

8 Commits

6 changed files with 484 additions and 1 deletions

View File

@ -64,7 +64,7 @@ menu = {
{
"name":"Dashboard",
"target":"_self",
"href":"/portal/dashboard",
"href":"/dashboard",
"roles":[1,2]
},
{

View File

@ -11,6 +11,7 @@ import json
from config import directory
import templates.plain.main as template_public
import templates.prime.main as template_dashboard
import templates.postcard.main as template_email
import modules.public.home as public_home
@ -21,8 +22,15 @@ import modules.public.login as public_login
import modules.public.forgot as public_forgot
import modules.public.reset as public_reset
import modules.dashboard.dashboard as dashboard_dashboard
import modules.dashboard.roles as dashboard_roles
import modules.dashboard.users as dashboard_users
import modules.api.auth as api_auth
import modules.api.dashboard.roles as api_dashboard_roles
import modules.api.dashboard.users as api_dashboard_users
app = Bottle()
@app.route('/')
@ -109,6 +117,33 @@ def index():
else:
redirect('/')
@app.route('/dashboard')
def index():
params = {
"mako" : {
"website" : template_dashboard.main(directory.page["dashboard"], "dashboard")
}
}
return dashboard_dashboard.dashboard().html(params)
@app.route('/dashboard/roles')
def index():
params = {
"mako" : {
"website" : template_dashboard.main(directory.page["dashboard"], "roles")
}
}
return dashboard_roles.roles().html(params)
@app.route('/dashboard/users')
def index():
params = {
"mako" : {
"website" : template_dashboard.main(directory.page["dashboard"], "users")
}
}
return dashboard_users.users().html(params)
@app.route('/api/auth/registration/register/<roles>', method='POST')
def index(roles):
try:
@ -215,3 +250,53 @@ def index(type):
except Exception as e:
print(str(e))
return json.dumps({}, indent = 2).encode()
@app.route('/api/dashboard/roles/list', method='POST')
def index():
try:
params = request.json
response.content_type = 'application/json'
return json.dumps(api_dashboard_roles.roles().list(params), indent = 2).encode()
except Exception as e:
print(str(e))
return json.dumps({}, indent = 2).encode()
@app.route('/api/dashboard/roles/add', method='POST')
def index():
try:
params = request.json
response.content_type = 'application/json'
return json.dumps(api_dashboard_roles.roles().add(params), indent = 2).encode()
except Exception as e:
print(str(e))
return json.dumps({}, indent = 2).encode()
@app.route('/api/dashboard/roles/edit', method='POST')
def index():
try:
params = request.json
response.content_type = 'application/json'
return json.dumps(api_dashboard_roles.roles().edit(params), indent = 2).encode()
except Exception as e:
print(str(e))
return json.dumps({}, indent = 2).encode()
@app.route('/api/dashboard/roles/remove', method='POST')
def index():
try:
params = request.json
response.content_type = 'application/json'
return json.dumps(api_dashboard_roles.roles().remove(params), indent = 2).encode()
except Exception as e:
print(str(e))
return json.dumps({}, indent = 2).encode()
@app.route('/api/dashboard/users/list', method='POST')
def index():
try:
params = request.json
response.content_type = 'application/json'
return json.dumps(api_dashboard_users.users().list(params), indent = 2).encode()
except Exception as e:
print(str(e))
return json.dumps({}, indent = 2).encode()

View File

@ -0,0 +1,143 @@
import mysql.connector as mariadb
from mako.template import Template
from bottle import request
from config import database, globalvar
from scripts import loggorilla, tokenguard
import procedure.validation as procedure_validation
class roles:
def __init__(self):
self.db_main = mariadb.connect(**database.db_main)
self.cursor = self.db_main.cursor(dictionary=True)
def list(self, params):
APIADDR = "/api/dashboard/roles/list"
response = {}
loggorilla.prcss(APIADDR, "Define parameters")
token = params["token" ]
allowed_roles = [1,2] # Roles list is public or not?
loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, token)
user = user_validation['data']
self.cursor.execute("BEGIN;")
try:
self.cursor.execute("select auth_roles.id, auth_roles.name, (select count(*) from auth_profile_roles apr where apr.auth_roles = auth_roles.id) AS `count` from auth_roles;")
r_roles = self.cursor.fetchall()
response["status" ] = "success"
response["desc" ] = "data collected"
response["data" ] = r_roles
except Exception as e:
self.cursor.execute("ROLLBACK;")
loggorilla.error(APIADDR, str(e) )
response["status" ] = "failed"
response["desc" ] = "Internal Server Error. Please contact us if you still have an error."
finally:
self.cursor.execute("COMMIT;")
self.cursor.close()
self.db_main.close()
return response
def add(self, params):
APIADDR = "/api/dashboard/roles/add"
response = {}
loggorilla.prcss(APIADDR, "Define parameters")
token = params["token" ]
id = params["id" ]
name = params["name" ]
allowed_roles = [1]
loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, token)
user = user_validation['data']
self.cursor.execute("BEGIN;")
try:
self.cursor.execute("INSERT INTO `auth_roles` VALUES (%s, %s, NOW(), NULL) ;", (id, name) )
response["status" ] = "success"
response["desc" ] = "data added"
except Exception as e:
self.cursor.execute("ROLLBACK;")
loggorilla.error(APIADDR, str(e) )
response["status" ] = "failed"
response["desc" ] = "Internal Server Error. Please contact us if you still have an error."
finally:
self.cursor.execute("COMMIT;")
self.cursor.close()
self.db_main.close()
return response
def edit(self, params):
APIADDR = "/api/dashboard/roles/edit"
response = {}
loggorilla.prcss(APIADDR, "Define parameters")
token = params["token" ]
key = params["key" ]
id = params["id" ]
name = params["name" ]
allowed_roles = [1]
loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, token)
user = user_validation['data']
self.cursor.execute("BEGIN;")
try:
if key == 1 or id == 1:
response["status" ] = "failed"
response["desc" ] = "Cannot change super user"
else:
self.cursor.execute("UPDATE `auth_roles` SET `id` = %s, `name` = %s, `when_update` = NOW() WHERE `id` = %s ;", (id, name, key) )
response["status" ] = "success"
response["desc" ] = "data change"
except Exception as e:
self.cursor.execute("ROLLBACK;")
loggorilla.error(APIADDR, str(e) )
response["status" ] = "failed"
response["desc" ] = "Internal Server Error. Please contact us if you still have an error."
finally:
self.cursor.execute("COMMIT;")
self.cursor.close()
self.db_main.close()
return response
def remove(self, params):
APIADDR = "/api/dashboard/roles/remove"
response = {}
loggorilla.prcss(APIADDR, "Define parameters")
token = params["token" ]
key = params["key" ]
allowed_roles = [1]
loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, token)
user = user_validation['data']
self.cursor.execute("BEGIN;")
try:
if key == 1:
response["status" ] = "failed"
response["desc" ] = "Cannot change super user"
else:
self.cursor.execute("DELETE FROM `auth_roles` WHERE `id` = %s ;", (key,) )
response["status" ] = "success"
response["desc" ] = "data removed"
except Exception as e:
self.cursor.execute("ROLLBACK;")
loggorilla.error(APIADDR, str(e) )
response["status" ] = "failed"
response["desc" ] = "Internal Server Error. Please contact us if you still have an error."
finally:
self.cursor.execute("COMMIT;")
self.cursor.close()
self.db_main.close()
return response

View File

@ -0,0 +1,61 @@
import mysql.connector as mariadb
from mako.template import Template
from bottle import request
from config import database, globalvar
from scripts import loggorilla, tokenguard
import procedure.validation as procedure_validation
class users:
def __init__(self):
self.db_main = mariadb.connect(**database.db_main)
self.cursor = self.db_main.cursor(dictionary=True)
def list(self, params):
APIADDR = "/api/dashboard/users/list"
response = {}
loggorilla.prcss(APIADDR, "Define parameters")
token = params["token" ]
allowed_roles = [1,2]
loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, token)
user = user_validation['data']
self.cursor.execute("BEGIN;")
try:
r_profile = []
self.cursor.execute("select auth_profile.id, auth_profile.username, auth_profile.email, auth_profile.phone from auth_profile;")
l1 = self.cursor.fetchall()
c1 = 0
for d1 in l1:
r_profile.append({
"id" : d1["id" ],
"username" : d1["username" ],
"email" : d1["email" ],
"phone" : d1["phone" ],
"roles" : [],
"verification" : []
})
self.cursor.execute("select auth_roles.id, auth_roles.name from auth_profile_roles inner join auth_roles on auth_profile_roles.auth_roles = auth_roles.id where auth_profile_roles.auth_profile = %s ; ", ( d1["id"], ) )
r_profile[c1]["roles"] = self.cursor.fetchall()
self.cursor.execute("select `type`, `verified` from auth_profile_verification where auth_profile = %s ; ", ( d1["id"], ) )
r_profile[c1]["verification"] = self.cursor.fetchall()
c1 += 1
response["status" ] = "success"
response["desc" ] = "data collected"
response["data" ] = r_profile
except Exception as e:
self.cursor.execute("ROLLBACK;")
loggorilla.error(APIADDR, str(e) )
response["status" ] = "failed"
response["desc" ] = "Internal Server Error. Please contact us if you still have an error."
finally:
self.cursor.execute("COMMIT;")
self.cursor.close()
self.db_main.close()
return response

View File

@ -0,0 +1,119 @@
var token = document.getElementById("form-token" ).value;
var table = $('#table-roles').DataTable({
"orderCellsTop": true, // move sorting to top header
"columnDefs": [
{ "orderable": false, "targets": [3] } // Disable sorting on the first and fourth columns
],
"ajax": {
"url": "/api/dashboard/roles/list",
"type": "POST", // Use POST method
"dataSrc": "data",
"contentType": "application/json",
"data": function(d) {
// Customize the data payload sent in the POST request
return JSON.stringify({
"token": token
});
},
"error": function (xhr, error, thrown) {
console.error('Error fetching data:', thrown);
console.error('Response:', xhr.responseText);
}
},
"columns": [
{
"data": "id",
"render": function(data, type, row) {
return `<span class="d-none">${data}</span><input ${data==1 ? 'disabled' : ''} class="form-control form-control-sm" placeholder="ID" id="form-edit-id-${data}" value="${data}">`;
}
},
{
"data": "name",
"render": function(data, type, row) {
return `<span class="d-none">${data}</span><input ${row.id==1 ? 'disabled' : ''} class="form-control form-control-sm" placeholder="Name" id="form-edit-name-${row.id}" value="${data}">`;
}
},
{
"data": "count",
"render": function(data, type, row) {
return `<span class="badge bg-${data==0 ? 'secondary' : 'success'}">${data} User(s)</span>`;
}
},
{
"data": null,
"defaultContent": "",
"render": function(data, type, row) {
if (row.id==1) return "";
else return `<button ${row.id==1 ? 'disabled' : ''} class="btn btn-success btn-sm" type="button" onclick="submitEdit(${row.id})">
<span class="fa fa-save"></span> Save
</button>
<button ${row.id==1 ? 'disabled' : ''} class="btn btn-danger btn-sm" type="button" onclick="if(confirm('Are you sure you want to delete this?')) { submitRemove(${row.id}); }">
<span class="fa fa-trash-alt"></span> Delete
</button>`;
}
}
],
"initComplete": function () {
// Custom init logic if needed
}
});
function submitAdd() {
var id = document.getElementById("form-add-id" ).value;
var name = document.getElementById("form-add-name" ).value;
var url = "/api/dashboard/roles/add";
var payload = {
"token" : token,
"id" : id,
"name" : name
};
sendHttpRequest(url, "POST", payload, function (error, response) {
if (error) console.error("Error:", error);
else {
table.ajax.reload(null, false); // false means keep the current page
console.log("JSON Response:", response);
}
}, "application/json");
}
function submitEdit(key) {
var id = document.getElementById(`form-edit-id-${key}` ).value;
var name = document.getElementById(`form-edit-name-${key}` ).value;
var url = "/api/dashboard/roles/edit";
var payload = {
"token" : token,
"key" : key,
"id" : id,
"name" : name
};
sendHttpRequest(url, "POST", payload, function (error, response) {
if (error) console.error("Error:", error);
else {
table.ajax.reload(null, false); // false means keep the current page
console.log("JSON Response:", response);
}
}, "application/json");
}
function submitRemove(key) {
var url = "/api/dashboard/roles/remove";
var payload = {
"token" : token,
"key" : key
};
sendHttpRequest(url, "POST", payload, function (error, response) {
if (error) console.error("Error:", error);
else {
table.ajax.reload(null, false); // false means keep the current page
console.log("JSON Response:", response);
}
}, "application/json");
}

View File

@ -0,0 +1,75 @@
var token = document.getElementById("form-token" ).value;
var table = $('#table-users').DataTable({
"columnDefs": [
{ "orderable": false, "targets": [4, 5, 6] } // Disable sorting on the first and fourth columns
],
"ajax": {
"url": "/api/dashboard/users/list",
"type": "POST", // Use POST method
"dataSrc": "data",
"contentType": "application/json",
"data": function(d) {
// Customize the data payload sent in the POST request
return JSON.stringify({
"token": token
});
},
"error": function (xhr, error, thrown) {
console.error('Error fetching data:', thrown);
console.error('Response:', xhr.responseText);
}
},
"columns": [
{
"data": "id",
"render": function(data, type, row) {
return `${data}`;
}
},
{
"data": "username",
"render": function(data, type, row) {
return `${data}`;
}
},
{
"data": "email",
"render": function(data, type, row) {
return `${data}`;
}
},
{
"data": "phone",
"render": function(data, type, row) {
return `${data}`;
}
},
{
"data": "roles",
"render": function(data, type, row) {
var roles = ""
for (let i = 0; i < data.length; i++) roles += `<span class="badge bg-primary m-1">${data[i].name}</span>`;
return roles;
}
},
{
"data": "verification",
"render": function(data, type, row) {
var verification = ""
for (let i = 0; i < data.length; i++) verification += `<span class="badge bg-${data[i].verified==0 ? 'danger' : 'success'} m-1"> <i class="fa fa-${data[i].verified==0 ? 'xmark' : 'check'}"></i> ${data[i].type}</span>`;
return verification;
}
},
{
"data": null,
"defaultContent": "",
"render": function(data, type, row) {
return "";
}
}
],
"initComplete": function () {
// Custom init logic if needed
}
});