Merge branch 'master' of git.fsmpi.rwth-aachen.de:julianundandyfrickelnkram/videoagwebsite

server.py

 #!/bin/python
+
 from flask import *
+from functools import wraps
 import sqlite3
 import os
 import re
@@ -44,16 +46,19 @@ def query(operation, *params):
 		import mysql.connector
 		if 'db' not in g or not g.db.is_connected():
 			g.db = mysql.connector.connect(user=config['MYSQL_USER'], password=config['MYSQL_PASSWD'], host=config['MYSQL_HOST'], database=config['MYSQL_DB'])
-		cur = g.db.cursor(dictionary=True)
-		cur.execute(operation.replace('?', '%s'), params)
-		return cur.fetchall()
+		if not hasattr(request, 'db'):
+			request.db = g.db.cursor(dictionary=True)
+		request.db.execute(operation.replace('?', '%s'), params)
 	elif config['DB_ENGINE'] == 'sqlite':
 		if 'db' not in g:
 			g.db = sqlite3.connect(config['SQLITE_DB'])
 			g.db.row_factory = dict_factory
-		cur = g.db.cursor()
-		cur.execute(operation, params)
-		return cur.fetchall()
+		if not hasattr(request, 'db'):
+			request.db = g.db.cursor()
+		request.db.execute(operation, params)
+	else:
+		return []
+	return request.db.fetchall()
 
 def searchquery(text, columns, match, tables, suffix, *suffixparams):
 	params = []
@@ -73,8 +78,12 @@ def searchquery(text, columns, match, tables, suffix, *suffixparams):
 	return query(expr, *params, *suffixparams)
 
 LDAP_USERRE = re.compile(r'[^a-z0-9]')
+notldap = {
+	'videoag':('videoag', ['users','videoag'], {'uid': 'videoag', 'givenName': 'Video', 'sn': 'Geier'}),
+	'gustav':('passwort', ['users'], {'uid': 'gustav', 'givenName': 'Gustav', 'sn': 'Geier'})
+}
+
 def ldapauth(user, password):
-	notldap = {'videoag':('videoag', ['users','videoag']), 'gustav':('passwort', ['users'])}
 	user = LDAP_USERRE.sub(r'', user.lower())
 	if 'LDAP_HOST' in config:
 		import ldap3
@@ -91,8 +100,6 @@ def ldapauth(user, password):
 	return None, []
 
 def ldapget(user):
-	notldap = {'videoag': {'uid': 'videoag', 'givenName': 'Video', 'sn': 'Geier'},
-		'gustav': {'uid': 'gustav', 'givenName': 'Gustav', 'sn': 'Geier'}}
 	user = LDAP_USERRE.sub(r'', user.lower())
 	if 'LDAP_HOST' in config:
 		import ldap3
@@ -102,7 +109,17 @@ def ldapget(user):
 		e = conn.entries[0]
 		return {'uid': user, 'givenName': e.givenName.value, 'sn':e.sn.value}
 	else:
-		return notldap[user]
+		return notldap[user][2]
+
+def login_required(func):
+	@wraps(func)
+	def decorator(*args, **kwargs):
+		if not 'user' in session:
+			flash('Diese Funktion ist nur für Moderatoren verfügbar!')
+			return redirect(url_for('login', ref=request.url))
+		else:
+			return func(*args, **kwargs)
+	return decorator
 
 @app.route('/')
 def index():
@@ -167,8 +184,10 @@ def course():
 	else:
 		return redirect(url_for('index'))
 
-@app.route('/login', methods=['POST'])
+@app.route('/login', methods=['GET', 'POST'])
 def login():
+	if request.method == 'GET':
+		return render_template('login.html')
 	user, groups = ldapauth(request.form.get('user'), request.form.get('password'))
 	if user and 'users' in groups:
 		session['user'] = ldapget(user)
@@ -187,5 +206,28 @@ def logout():
 	else:
 		return redirect(url_for('index'))
 
+@app.route('/edit')
+@login_required
+def edit():
+	tabs = {
+		'courses': ('courses_data', 'id', ['visible', 'listed', 'title', 'short',
+				'handle', 'organizer', 'subject', 'credits', 'semester', 'downloadable',
+				'internal', 'responsible']),
+		'lectures': ('lectures_data', 'id', ['visible', 'title', 'comment',
+				'internal', 'speaker', 'place', 'time', 'duration', 'jumplist',
+				'titlefile']),
+		'site_texts': ('site_texts', 'key' ['value']),
+		'videos': ('videos_data', 'id', ['visible', 'downloadable', 'title',
+				'comment', 'internal'])
+	}
+	query('BEGIN TRANSACTION')
+	for key, val in request.get_json():
+		table, column, id = key.split('.', 2)
+		assert table in tabs
+		assert column in tabs[table][2]
+		query('UPDATE %s SET %s = ? WHERE %s = ?'%(tabs[table][0], column,
+					tabs[table][1]), val, id)
+	query('COMMIT TRANSACTION')
+
 if __name__ == '__main__':
 	app.run()

templates/base.html

@@ -5,6 +5,8 @@
 ] -%}
 {% set active_page = active_page|default('none') -%}
 
+{% set page_border = page_border|default(1) -%}
+
 <!DOCTYPE html>
 <html>
 	<head>
@@ -94,13 +96,21 @@
 			</div>
 		</nav>
 		<div class="container-fluid">
+			<div class="row">
+				{% if page_border == 0 %}
+				<div class="col-xs-12">
+				{% else %}
+				<div class="col-xs-12 col-md-offset-{{ page_border }} col-md-{{ 12-(2*page_border) }}">
+				{% endif %}
 					{% for msg in get_flashed_messages() %}
-				<div class="row"><div class="alert alert-danger col-xs-12" role="alert">{{ msg }}</div></div>
+					<div class="alert alert-danger" role="alert">{{ msg }}</div>
 					{% endfor %}
 					{% block content %}
 					<h1>This is a Heading</h1>
 					<p>This is a paragraph.</p>
 					{% endblock %}
 				</div>
+			</div>
+		</div>
 	</body>
 </html>

templates/course.html

@@ -2,14 +2,11 @@
 {% from 'macros.html' import preview %}
 {% extends "base.html" %}
 {% block content %}
-<div class="col-xs-offset-1 col-xs-10">
 <div class="panel panel-default">
 	<div class="panel-heading">
 		<h1 class="panel-title">{{course.title}}</h1>
 	</div>
 </div>
-<div class="col-xs-offset-1 col-xs-10">
-</div>
 <div class="panel panel-default">
 	<div class="panel-heading">
 		<h1 class="panel-title">Videos</h1>
@@ -20,5 +17,4 @@
 		{% endfor %}
 	</ul>
 </div>
-</div>
 {% endblock %}

templates/faq.html

@@ -2,8 +2,6 @@
 {% extends "base.html" %}
 {% set active_page = "faq" %}
 {% block content %}
-<div class="row">
-	<div class="col-xs-10 col-xs-offset-1">
 <div class="alert alert-warning alert-dismissible" role="alert" id="kontakt">
 	Unter <a href="mailto:video@fsmpi.rwth-aachen.de">video@fsmpi.rwth-aachen.de</a> stehen wir für alle Fragen bereit.
 </div>
@@ -52,8 +50,6 @@
 		</div>
 	</div>
 </div>
-	</div>
-</div>
 
 <style>
 .faqHeader {

templates/index.html

 {% from 'macros.html' import preview %}
 {% extends "base.html" %}
 {% set active_page = "index" %}
+{% set page_border = 0 %}
 {% block content %}
 <div class="row">
 	<div class="col-md-6 panel-group">

templates/login.html

+{% extends "base.html" %}
+{% block content %}
+<div class="panel panel-default">
+	<div class="panel-heading">
+		<h1 class="panel-title">Login für Moderatoren</h1>
+	</div>
+	<div class="panel-body">
+		<form method="post" action="login">
+			<input placeholder="User" name="user" type="text"><br>
+			<input placeholder="Password" name="password" type="password"><br>
+			{% if 'ref' in request.values %}
+			<input type="hidden" name="ref" value="{{ request.values.ref|e }}">
+			{% endif %}
+			<input type="submit" value="Login">
+		</form>
+	</div>
+</div>
+{% endblock %}

templates/search.html

@@ -2,7 +2,6 @@
 {% from 'macros.html' import preview %}
 {% extends "base.html" %}
 {% block content %}
-<div class="col-xs-offset-1 col-xs-10">
 <div class="panel panel-default">
 	<div class="panel-heading">
 		<h1 class="panel-title">Veranstaltungen</h1>
@@ -33,5 +32,4 @@
 		{% endif %}
 	</div>
 </div>
-</div>
 {% endblock %}

templates/videos.html

@@ -3,12 +3,11 @@
 
 {% extends "base.html" %}
 {% block content %}
-<div class="row"><div class="col-xs-offset-1 col-xs-10">
 <div class="row">
 	<div class="col-xs-12 dropdown" style="margin-bottom: 10px;">
-				<button class="btn btn-primary dropdown-toggle pull-right" type="button" data-toggle="dropdown">Grupierung
+		<button class="btn btn-primary dropdown-toggle pull-right" type="button" data-toggle="dropdown">Gruppierung
 		<span class="caret"></span></button>
-				<ul class="dropdown-menu">
+		<ul class="dropdown-menu dropdown-menu-right">
 			<li><a href="?groupedby=semester">Semester</a></li>
 			<li><a href="?groupedby=title">Veranstaltungen</a></li>
 			<li><a href="?groupedby=organizer">Dozenten</a></li>
@@ -33,6 +32,5 @@
 	</div></div>
 </div>
 {% endfor %}
-</div></div>
 
 {% endblock %}