Use db_query() function to get entries from db

[cavote.git] / main.py

#!/usr/bin/env python
# -*- coding: utf-8 -*-

from flask import Flask, request, session, g, redirect, url_for, abort, \
    render_template, flash
import sqlite3
from datetime import date, timedelta
from contextlib import closing
import locale
locale.setlocale(locale.LC_ALL, '')

DATABASE = '/tmp/cavote.db'
SECRET_KEY = '{J@uRKO,xO-PK7B,jF?>iHbxLasF9s#zjOoy=+:'
DEBUG = True
USERNAME = 'admin'
PASSWORD = 'admin'

app = Flask(__name__)
app.config.from_object(__name__)

def connect_db():
    return sqlite3.connect(app.config['DATABASE'])

@app.before_request
def before_request():
    g.db = connect_db()

@app.teardown_request
def teardown_request(exception):
    g.db.close()

@app.route('/')
def home():
    return render_template('index.html')

def query_db(query, args=(), one=False):
    cur = g.db.execute(query, args)
    rv = [dict((cur.description[idx][0], value)
        for idx, value in enumerate(row)) for row in cur.fetchall()]
    return (rv[0] if rv else None) if one else rv

def init_db():
    with closing(connect_db()) as db:
        with app.open_resource('schema.sql') as f:
            db.cursor().executescript(f.read())
        db.commit()

#----------------
# Login / Logout

def valid_login(username, password):
    return username == app.config['USERNAME'] and password == app.config['PASSWORD']

@app.route('/login', methods=['GET', 'POST'])
def login():
    error = None
    if request.method == 'POST':
        if valid_login(request.form['username'], request.form['password']):
            session['username'] = request.form['username']
            if session['username'] == 'admin':
                session['is_admin'] = True
            flash('You were logged in')
            return redirect(url_for('home'))
        else:
            error = "Invalid username/password"
    return render_template('login.html', error=error)

@app.route('/logout')
def logout():
    session.pop('username', None)
    session.pop('is_admin', None)
    flash('You were logged out')
    return redirect(url_for('home'))

#---------------
# User settings
@app.route('/user/settings/<username>')
def show_settings(username):
    if username != session['username']:
        abort(401)


#------------
# User admin


#------------
# Votes list

@app.route('/votes/<votes>')
def show_votes(votes):
    today = date.today()
    if votes == 'all':
        votes = query_db('select title, description, date_begin, date_end from votes order by id desc')
    elif votes == 'archive':
        votes = query_db('select title, description, date_begin, date_end from votes where date_end < (?) order by id desc', [today])
    elif votes == 'current':
        votes = query_db('select title, description, date_begin, date_end from votes where date_end >= (?) order by id desc', [today])
    else:
        abort(404)
    return render_template('show_votes.html', votes=votes)

#-------------
# Votes admin

@app.route('/votes/admin/new')
def new_vote():
    if not session.get('is_admin'):
        abort(401)
    return render_template('new_vote.html')

@app.route('/votes/admin/add', methods=['POST'])
def add_vote():
    if not session.get('is_admin'):
        abort(401)
    date_begin = date.today()
    date_end = date.today() + timedelta(days=int(request.form['days']))
    transparent = 0
    public = 0
    multiplechoice = 0
    if 'transparent' in request.form.keys():
        transparent = 1
    if 'public' in request.form.keys():
        public = 1
    if 'multiplechoice' in request.form.keys():
        multiplechoice = 1
    g.db.execute('insert into votes (title, description, date_begin, date_end, is_transparent, is_public, is_multiplechoice) values (?, ?, ?, ?, ?, ?, ?)',
            [request.form['title'], request.form['description'], date_begin, date_end, transparent, public, multiplechoice])
    g.db.commit()
    flash('New entry was successfully posted')
    return redirect(url_for('home'))

#------
# Main

if __name__ == '__main__':
    app.run()