#!/usr/bin/python from flask import Flask, render_template, Response, g, redirect, abort, request, send_from_directory from re import match from users import users import sqlite3 import os app = Flask('BrmBar') @app.route('/') def index(): cur = g.db.execute('SELECT code, name, price FROM items ORDER BY name') items = [dict(code = row[0], name = row[1], price = row[2]) for row in cur.fetchall()] return render_template('index.html', items = items) @app.route('/code/') def code(code): LEN = 25 if match('^U[0-9]{4}$', code): userid = int(code[1:]) cur = g.db.execute('SELECT balance FROM balance WHERE userid = ?', (userid, )) row = cur.fetchone() if row: usercredit = '%d Kc' % row[0] else: usercredit = '0 Kc' try: username = users[userid] except: username = 'Unknown' r = username[:LEN - len(usercredit) - 1].ljust(LEN - len(usercredit) - 1) + ' ' + usercredit return Response(r, content_type = 'text/plain') if code == 'R0000': return Response('Reset Credit to 0', content_type = 'text/plain') if match('^\C[0-9]{4}$', code): amount = int(code[1:]) return Response('Credit %d' % amount, content_type = 'text/plain') if match('^[0-9]+$', code): cur = g.db.execute('SELECT name, price FROM items WHERE code = ?', (code, )) row = cur.fetchone() if row: itemname = row[0] itemprice = '%d Kc' % row[1] else: itemname = 'Unknown' itemprice = '0 Kc' r = itemname[:LEN - len(itemprice) - 1].ljust(LEN - len(itemprice) - 1) + ' ' + itemprice return Response(r, content_type = 'text/plain') abort(400) @app.route('/action//') def action(user, item): if not match('^U[0-9]{4}$', user): abort(400) user = int(user[1:]) if item == 'R0000': g.db.execute('DELETE FROM balance WHERE userid = ?', (user, )) g.db.execute('INSERT INTO log(userid, event) VALUES(?, ?)', (user, 'Credit reset')) g.db.commit() if match('^C[0-9]{4}$', item): cur = g.db.execute('SELECT balance FROM balance WHERE userid = ?', (user, )) row = cur.fetchone() if row: balance = int(row[0]) + int(item[1:]) g.db.execute('UPDATE balance SET balance = ? WHERE userid = ?', (balance, user)) g.db.execute('INSERT INTO log(userid, event) VALUES(?, ?)', (user, 'Credit +%s' % item[1:])) g.db.commit() else: balance = int(item[1:]) g.db.execute('INSERT INTO balance(balance, userid) VALUES(?, ?)', (balance, user)) g.db.execute('INSERT INTO log(userid, event) VALUES(?, ?)', (user, 'Credit +%s' % item[1:])) g.db.commit() if match('^[0-9]+$', item): cur1 = g.db.execute('SELECT price FROM items WHERE code = ?', (item, )) row1 = cur1.fetchone() cur2 = g.db.execute('SELECT balance FROM balance WHERE userid = ?', (user, )) row2 = cur2.fetchone() if not row1: abort(400) if row2: balance = - int(row1[0]) + int(row2[0]) g.db.execute('UPDATE balance SET balance = ? WHERE userid = ?', (balance, user)) g.db.execute('INSERT INTO log(userid, itemcode) VALUES(?, ?)', (user, item)) g.db.commit() else: balance = - int(row1[0]) g.db.execute('INSERT INTO balance(balance, userid) VALUES(?, ?)', (balance, user)) g.db.execute('INSERT INTO log(userid, itemcode) VALUES(?, ?)', (user, item)) g.db.commit() return Response('OK', content_type = 'text/plain') @app.route('/items/') def items(): cur = g.db.execute('SELECT code, name, price FROM items ORDER BY name') items = [dict(code = row[0], name = row[1], price = row[2]) for row in cur.fetchall()] return render_template('items.html', items = items) @app.route('/items/', methods = ['POST']) def items_post(): f = request.form for (k, v) in f.iteritems(): if k == 'add' and v == 'add': if f['code'] and f['name'] and f['price']: g.db.execute('INSERT INTO items (code, name, price) VALUES (?, ?, ?)', (f['code'], f['name'], f['price'])) g.db.commit() return redirect('/items/') if k.startswith('delete:') and v == 'delete': code = k[7:] g.db.execute('DELETE FROM items WHERE code = ?', (code, )) g.db.commit() return redirect('/items/') abort(400) @app.route('/barcodes.txt') def barcodestxt(): ret = [] ret.append('Credit 20;C0020') ret.append('Credit 50;C0050') ret.append('Credit 100;C0100') ret.append('Credit 200;C0200') ret.append('Credit 500;C0500') ret.append('Credit 1000;C1000') ret.append('Credit 2000;C2000') ret.append('RESET;R0000') for (id,name) in sorted(users.iteritems(), key = lambda (k,v): (v,k)): ret.append('%s;U%d' % (name, id)) response = Response(response = '\n'.join(ret) + '\n', content_type = 'text/plain') return response @app.route('/log/') def log(): cur = g.db.execute('SELECT ts, userid, name, price, code, event FROM log LEFT JOIN items ON log.itemcode = items.code ORDER BY ts DESC') rows = [dict(ts = row[0], user = users[row[1]], itemname = row[2], price = row[3], code = row[4], event = row[5]) for row in cur.fetchall()] return render_template('log.html', rows = rows) @app.route('/stats/') def stats(): return render_template('stats.html') @app.route('/static/items/') def download_file(filename): if not os.path.exists('static/items/' + filename): filename = 'missing.jpg' return send_from_directory('static/items/', filename, mimetype='image/jpeg') @app.before_request def before_request(): g.db = sqlite3.connect('db/brmbar.db') @app.after_request def after_request(response): g.db.close() return response if __name__ == '__main__': app.run(host = '0.0.0.0', port = 45678, debug = True)