poprawki bugow i dodatkowe funkcje
33
app.py
33
app.py
@ -133,6 +133,16 @@ def get_progress(list_id):
|
||||
percent = (purchased_count / total_count * 100) if total_count > 0 else 0
|
||||
return purchased_count, total_count, percent
|
||||
|
||||
def delete_receipts_for_list(list_id):
|
||||
receipt_pattern = f"list_{list_id}_"
|
||||
upload_folder = app.config['UPLOAD_FOLDER']
|
||||
for filename in os.listdir(upload_folder):
|
||||
if filename.startswith(receipt_pattern):
|
||||
try:
|
||||
os.remove(os.path.join(upload_folder, filename))
|
||||
except Exception as e:
|
||||
print(f"Nie udało się usunąć pliku {filename}: {e}")
|
||||
|
||||
# zabezpieczenie logowani do systemy - błędne hasła
|
||||
def is_ip_blocked(ip):
|
||||
now = time.time()
|
||||
@ -174,7 +184,8 @@ def require_system_password():
|
||||
if 'authorized' not in request.cookies \
|
||||
and request.endpoint != 'system_auth' \
|
||||
and not request.endpoint.startswith('static') \
|
||||
and not request.endpoint.startswith('login'):
|
||||
and not request.endpoint.startswith('login') \
|
||||
and request.endpoint != 'favicon':
|
||||
if request.path == '/':
|
||||
return redirect(url_for('system_auth'))
|
||||
else:
|
||||
@ -255,13 +266,13 @@ def index_guest():
|
||||
|
||||
@app.route('/system-auth', methods=['GET', 'POST'])
|
||||
def system_auth():
|
||||
ip = request.remote_addr
|
||||
#ip = request.remote_addr
|
||||
ip = request.access_route[0]
|
||||
next_page = request.args.get('next') or url_for('index_guest')
|
||||
|
||||
if is_ip_blocked(ip):
|
||||
flash('Przekroczono limit prób logowania. Dostęp zablokowany na 1 godzinę.', 'danger')
|
||||
return render_template('system_auth.html'), 403
|
||||
|
||||
if request.method == 'POST':
|
||||
if request.form['password'] == SYSTEM_PASSWORD:
|
||||
reset_failed_attempts(ip)
|
||||
@ -275,7 +286,6 @@ def system_auth():
|
||||
return render_template('system_auth.html'), 403
|
||||
remaining = attempts_remaining(ip)
|
||||
flash(f'Nieprawidłowe hasło do systemu. Pozostało prób: {remaining}', 'warning')
|
||||
|
||||
return render_template('system_auth.html')
|
||||
|
||||
@app.route('/archive_my_list/<int:list_id>')
|
||||
@ -577,24 +587,15 @@ def admin_panel():
|
||||
def delete_list(list_id):
|
||||
if not current_user.is_admin:
|
||||
return redirect(url_for('index_guest'))
|
||||
delete_receipts_for_list(list_id)
|
||||
list_to_delete = ShoppingList.query.get_or_404(list_id)
|
||||
Item.query.filter_by(list_id=list_to_delete.id).delete()
|
||||
Expense.query.filter_by(list_id=list_to_delete.id).delete()
|
||||
db.session.delete(list_to_delete)
|
||||
db.session.commit()
|
||||
flash(f'Usunięto listę: {list_to_delete.title}', 'success')
|
||||
return redirect(url_for('admin_panel'))
|
||||
|
||||
@app.route('/admin/delete_all_lists')
|
||||
@login_required
|
||||
def delete_all_lists():
|
||||
if not current_user.is_admin:
|
||||
return redirect(url_for('index_guest'))
|
||||
Item.query.delete()
|
||||
ShoppingList.query.delete()
|
||||
db.session.commit()
|
||||
flash('Usunięto wszystkie listy', 'success')
|
||||
return redirect(url_for('admin_panel'))
|
||||
|
||||
@app.route('/admin/add_user', methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def add_user():
|
||||
@ -682,7 +683,9 @@ def delete_selected_lists():
|
||||
for list_id in ids:
|
||||
lst = ShoppingList.query.get(int(list_id))
|
||||
if lst:
|
||||
delete_receipts_for_list(lst.id)
|
||||
Item.query.filter_by(list_id=lst.id).delete()
|
||||
Expense.query.filter_by(list_id=lst.id).delete()
|
||||
db.session.delete(lst)
|
||||
db.session.commit()
|
||||
flash('Usunięto wybrane listy', 'success')
|
||||
|
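Review bot: In system_auth, `ip = request.access_route[0]` keys the failed-login lockout on the first X-Forwarded-For entry, which is whatever the client sent unless a trusted proxy in front of the app overwrites that header. is_ip_blocked(ip) and reset_failed_attempts(ip) can then see a different value on every request, so the attempt limit no longer protects the system password, and a forged value can get another address blocked. I would keep `ip = request.remote_addr` and declare the proxy hop once at startup with `app.wsgi_app = ProxyFix(app.wsgi_app, x_for=1)` (from `werkzeug.middleware.proxy_fix`), setting x_for to the number of proxies actually deployed. The commented-out `#ip = request.remote_addr` line can then be dropped. The body of system_auth continues outside the visible hunks, so the rest of the lockout logic is not checked here.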