Bkolb/AICertification
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Bkolb:9726738a8ad7d667a3a116ea1be057a054386d83
Branches Tags
Bkolb:main
..
compare: Bkolb:0cb9a26974cf0b37270988b0db853d259942c786
Branches Tags
Bkolb:main

No commits in common. "9726738a8ad7d667a3a116ea1be057a054386d83" and "0cb9a26974cf0b37270988b0db853d259942c786" have entirely different histories.
9726738a8a ... 0cb9a26974

3 changed files with 7 additions and 148 deletions
Show Stats Expand all files Collapse all files

95
app/flask-postgres/app/app.py
View File

@ -1,7 +1,6 @@
import logging
import os
import re
import shutil
from datetime import datetime
from logging.handlers import RotatingFileHandler
@ -495,11 +494,6 @@ def admin_mandanten():
kontakt_email = request.form.get("kontakt_email", "").strip()
level = request.form.get("level", "0").strip()
admin_name = request.form.get("admin_name", "").strip()
admin_email = request.form.get("admin_email", "").strip().lower()
admin_password = request.form.get("admin_password", "")
admin_password2 = request.form.get("admin_password2", "")
email_pattern = r"^[^@\s]+@[^@\s]+\.[^@\s]+$"
error_message = None
@ -513,21 +507,6 @@ def admin_mandanten():
elif not re.match(email_pattern, kontakt_email):
error_message = "Bitte eine gültige Kontakt-E-Mail eingeben."
elif not admin_name:
error_message = "Admin User Name ist ein Pflichtfeld."
elif not admin_email:
error_message = "Admin User E-Mail ist ein Pflichtfeld."
elif not re.match(email_pattern, admin_email):
error_message = "Bitte eine gültige Admin E-Mail-Adresse eingeben."
elif not admin_password:
error_message = "Admin Passwort ist ein Pflichtfeld."
elif not admin_password2:
error_message = "Bitte Admin Passwort bestätigen."
elif admin_password != admin_password2:
error_message = "Die beiden Admin-Passwörter stimmen nicht überein."
elif len(admin_password) < 8:
error_message = "Das Admin Passwort muss mindestens 8 Zeichen lang sein."
if error_message:
cur.execute("""
SELECT id, kuerzel, name, kontakt_email, level
@ -555,72 +534,16 @@ def admin_mandanten():
"name": name,
"kontakt_email": kontakt_email,
"level": level,
"admin_name": admin_name,
"admin_email": admin_email,
}
},
**get_current_user()
)
cur.execute("""
SELECT id
FROM app_user
WHERE lower(email) = %s
""", (admin_email,))
existing_admin_user = cur.fetchone()
if existing_admin_user:
error_message = "Ein Benutzer mit der Admin E-Mail existiert bereits."
cur.execute("""
INSERT INTO mandant (kuerzel, name, kontakt_email, level)
VALUES (%s, %s, %s, %s)
RETURNING id
""", (kuerzel, name, kontakt_email, int(level or 0)))
new_mandant_id = cur.fetchone()[0]
# Standardgruppen für den neuen Mandanten
cur.execute("""
INSERT INTO app_group (mandant_id, group_name)
VALUES (%s, %s)
RETURNING id
""", (new_mandant_id, "Useradministration"))
useradmin_group_id = cur.fetchone()[0]
cur.execute("""
INSERT INTO app_group (mandant_id, group_name)
VALUES (%s, %s)
RETURNING id
""", (new_mandant_id, "Contentmanager"))
contentmanager_group_id = cur.fetchone()[0]
# erster Admin-User
admin_password_hash = generate_password_hash(admin_password)
cur.execute("""
INSERT INTO app_user (email, name, mandant_id, password_hash, status)
VALUES (%s, %s, %s, %s, %s)
RETURNING id
""", (admin_email, admin_name, new_mandant_id, admin_password_hash, 1))
new_admin_user_id = cur.fetchone()[0]
# User beiden Gruppen zuordnen
cur.execute("""
INSERT INTO user_group (user_id, group_id, mandant_id)
VALUES (%s, %s, %s)
""", (new_admin_user_id, useradmin_group_id, new_mandant_id))
cur.execute("""
INSERT INTO user_group (user_id, group_id, mandant_id)
VALUES (%s, %s, %s)
""", (new_admin_user_id, contentmanager_group_id, new_mandant_id))
conn.commit()
# Verzeichnis anlegen
mandant_dir = os.path.join(Config.FILES_DIR, str(new_mandant_id))
os.makedirs(mandant_dir, exist_ok=True)
elif action == "update":
mandant_id = request.form.get("id")
kuerzel = request.form.get("kuerzel", "").strip()
@ -640,17 +563,9 @@ def admin_mandanten():
elif action == "delete":
mandant_id = request.form.get("id")
mandant_id_int = int(mandant_id)
# Verzeichnis vor/nach dem Delete entfernen
mandant_dir = os.path.join(Config.FILES_DIR, str(mandant_id_int))
cur.execute("DELETE FROM mandant WHERE id = %s", (mandant_id_int,))
cur.execute("DELETE FROM mandant WHERE id = %s", (int(mandant_id),))
conn.commit()
if os.path.isdir(mandant_dir):
shutil.rmtree(mandant_dir, ignore_errors=True)
cur.close()
conn.close()
return redirect(url_for("admin_mandanten"))
@ -1235,7 +1150,7 @@ def dokument_upload(item_id):
final_name_part = item["default_filename"] or original_filename
stored_filename = f"{item_id}-{secure_filename(final_name_part)}"
mandant_dir = os.path.join("/app/files", str(mandant_id))
mandant_dir = os.path.join("/files", str(mandant_id))
os.makedirs(mandant_dir, exist_ok=True)
full_path = os.path.join(mandant_dir, stored_filename)
@ -1290,7 +1205,7 @@ def dokument_upload(item_id):
@contentmanager_required
def dokument_delete(item_id):
mandant_id = session.get("mandant_id")
mandant_dir = os.path.join("/app/files", str(mandant_id))
mandant_dir = os.path.join("/files", str(mandant_id))
conn = get_connection()
cur = conn.cursor()
@ -1345,7 +1260,7 @@ def dokument_file(item_id):
abort(404)
stored_filename = row[0]
mandant_dir = os.path.join("/app/files", str(mandant_id))
mandant_dir = os.path.join("/files", str(mandant_id))
return send_from_directory(mandant_dir, stored_filename)
@app.template_filter("datetime")

2
app/flask-postgres/app/config.py
View File

@ -11,11 +11,9 @@ class Config:
DB_PORT = os.getenv("DB_PORT", "5432")
LOG_DIR = os.getenv("LOG_DIR", "./logs")
FILES_DIR = os.getenv("FILES_DIR", "/app/files")
COUNTRY_VAT_LABELS = {
"DE": "inkl. 19% USt",
"AT": "inkl. 20% USt",
"CH": "exkl. MwSt",
}

54
app/flask-postgres/app/templates/admin_mandanten.html
View File

@ -59,29 +59,6 @@
min="0">
</div>
<div class="form-row">
<label for="admin_name">Admin User Name</label>
<input type="text" id="admin_name" name="admin_name"
value="{{ form_values.admin_name if form_values else '' }}" required>
</div>
<div class="form-row">
<label for="admin_email">Admin User E-Mail</label>
<input type="email" id="admin_email" name="admin_email"
value="{{ form_values.admin_email if form_values else '' }}" required>
</div>
<div class="form-row">
<label for="admin_password">Admin Passwort</label>
<input type="password" id="admin_password" name="admin_password" required>
</div>
<div class="form-row">
<label for="admin_password2">Admin Passwort bestätigen</label>
<input type="password" id="admin_password2" name="admin_password2" required>
</div>
<div class="form-row form-row-full">
<div id="mandant-create-error" class="error-box" style="display: none;"></div>
<button type="submit" class="btn-primary">Mandant anlegen</button>
@ -196,37 +173,6 @@
errorBox.innerHTML = "";
errorBox.style.display = "none";
}
const adminName = document.getElementById("admin_name").value.trim();
const adminEmail = document.getElementById("admin_email").value.trim();
const adminPassword = document.getElementById("admin_password").value;
const adminPassword2 = document.getElementById("admin_password2").value;
if (!adminName) {
errors.push("Admin User Name ist ein Pflichtfeld.");
}
if (!adminEmail) {
errors.push("Admin User E-Mail ist ein Pflichtfeld.");
} else if (!emailRegex.test(adminEmail)) {
errors.push("Bitte eine gültige Admin E-Mail-Adresse eingeben.");
}
if (!adminPassword) {
errors.push("Admin Passwort ist ein Pflichtfeld.");
}
if (!adminPassword2) {
errors.push("Bitte Admin Passwort bestätigen.");
}
if (adminPassword && adminPassword2 && adminPassword !== adminPassword2) {
errors.push("Die beiden Admin-Passwörter stimmen nicht überein.");
}
if (adminPassword && adminPassword.length < 8) {
errors.push("Das Admin Passwort muss mindestens 8 Zeichen lang sein.");
}
});
});
</script>