Commit c716b741 authored by Julian Rother's avatar Julian Rother
Browse files

Log edits to changelog and enhance changelog page

parent 76ad54b4
...@@ -99,6 +99,8 @@ def ldapget(user): ...@@ -99,6 +99,8 @@ def ldapget(user):
conn = ldap3.Connection('ldaps://rumo.fsmpi.rwth-aachen.de', auto_bind=True) conn = ldap3.Connection('ldaps://rumo.fsmpi.rwth-aachen.de', auto_bind=True)
conn.search("ou=users,dc=fsmpi,dc=rwth-aachen,dc=de", "(uid=%s)"%user, conn.search("ou=users,dc=fsmpi,dc=rwth-aachen,dc=de", "(uid=%s)"%user,
attributes=ldap3.ALL_ATTRIBUTES) attributes=ldap3.ALL_ATTRIBUTES)
if not conn.entries:
return {}
e = conn.entries[0] e = conn.entries[0]
return {'uid': user, 'givenName': e.givenName.value, 'sn':e.sn.value} return {'uid': user, 'givenName': e.givenName.value, 'sn':e.sn.value}
else: else:
......
...@@ -132,10 +132,15 @@ def login(): ...@@ -132,10 +132,15 @@ def login():
if request.method == 'GET': if request.method == 'GET':
return render_template('login.html') return render_template('login.html')
user, groups = ldapauth(request.form.get('user'), request.form.get('password')) user, groups = ldapauth(request.form.get('user'), request.form.get('password'))
if user and 'users' in groups: if not user or not 'users' in groups:
session['user'] = ldapget(user)
else:
flash('Login fehlgeschlagen!') flash('Login fehlgeschlagen!')
return render_template('login.html')
session['user'] = ldapget(user)
dbuser = query('SELECT * FROM users WHERE name = ?', user)
if not dbuser:
query('INSERT INTO users (name, realname, fsacc, level, calendar_key, rfc6238) VALUES (?, ?, ?, 1, "", "")', user, session['user']['givenName'], user)
dbuser = query('SELECT * FROM users WHERE name = ?', user)
session['user']['dbid'] = dbuser[0]['id']
return redirect(request.values.get('ref', url_for('index'))) return redirect(request.values.get('ref', url_for('index')))
@app.route('/logout', methods=['GET', 'POST']) @app.route('/logout', methods=['GET', 'POST'])
...@@ -164,6 +169,10 @@ def edit(): ...@@ -164,6 +169,10 @@ def edit():
table, id, column = key.split('.', 2) table, id, column = key.split('.', 2)
assert table in tabs assert table in tabs
assert column in tabs[table][2] assert column in tabs[table][2]
old = query('SELECT %s AS value FROM %s WHERE %s = ?'%(column, table, tabs[table][1]), id)
query('''INSERT INTO changelog ("when", who, "table", id_key, id_value, field, value_old, value_new, executed)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, 1)''', datetime.now(), session['user']['dbid'], table,
tabs[table][1], id, column, old[0]['value'], val)
query('UPDATE %s SET %s = ? WHERE %s = ?'%(tabs[table][0], column, query('UPDATE %s SET %s = ? WHERE %s = ?'%(tabs[table][0], column,
tabs[table][1]), val, id) tabs[table][1]), val, id)
query('COMMIT') query('COMMIT')
...@@ -254,4 +263,5 @@ def stats(): ...@@ -254,4 +263,5 @@ def stats():
@register_navbar('Changelog', 'book') @register_navbar('Changelog', 'book')
@mod_required @mod_required
def log(): def log():
return render_template('log.html', changelog=query('SELECT * FROM changelog ORDER BY "when" LIMIT 10')) changelog = query('SELECT * FROM changelog LEFT JOIN users ON (changelog.who = users.id) ORDER BY "when" DESC LIMIT 10')
return render_template('log.html', changelog=changelog)
...@@ -18,7 +18,11 @@ ...@@ -18,7 +18,11 @@
{% for i in changelog %} {% for i in changelog %}
<tr> <tr>
<td>{{i.when}}</td> <td>{{i.when}}</td>
{% if i.realname %}
<td>{{i.realname}} ({{i.who}})</td>
{% else %}
<td>{{i.who}}</td> <td>{{i.who}}</td>
{% endif %}
<td>{{i.path}}</td> <td>{{i.path}}</td>
<td>"{{i.value_old}}"</td> <td>"{{i.value_old}}"</td>
<td>"{{i.value_new}}"</td> <td>"{{i.value_new}}"</td>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment