Browse Source

uploads get directly linked with user ID

master
Juni Kim 1 year ago
parent
commit
bdce561209
  1. 33
      app.py
  2. 6
      static/upload.txt
  3. 5
      templates/admin.html
  4. 52
      templates/base.html
  5. 17
      templates/user.html
  6. 11
      templates/view_chemical.html
  7. 2
      validate.py

33
app.py

@ -83,7 +83,7 @@ class User(db.Model):
@classmethod
def authorize_or_redirect(cls, admin=True):
if (admin and "admin" not in session) or "user" not in session:
return redirect(url_for("accounts_create"))
return redirect(url_for("login"))
else:
return None
@ -91,7 +91,7 @@ class User(db.Model):
class Chemical(db.Model):
query: db.Query
id = db.Column(db.Integer, primary_key=True)
person_name = db.Column(db.String, nullable=False)
person_id = db.Column(db.Integer, nullable=False)
standard_grp = db.Column(db.String, nullable=False)
# all fields after here are included in the database
chemical_db_id = db.Column(db.String)
@ -140,11 +140,13 @@ def handler_403(msg):
# Admin routes
@app.route('/admin')
@app.route('/dashboard')
def admin_root():
if login := User.authorize_or_redirect():
return login
return render_template("admin.html", user=session.get("admin"))
if 'admin' in session:
return render_template("admin.html", user=session.get("admin"))
if 'user' in session:
return render_template("user.html", user=session.get("user"))
return User.authorize_or_redirect(admin=False) or ""
@app.route('/accounts/create', methods=['GET', 'POST'])
@ -165,7 +167,7 @@ def accounts_create():
# because the IDE complains about type mismatches
form = {} | request.form
form['password'] = User.generate_password(pw)
form['admin'] = (True if form['admin'] == 'y' else False)
form['admin'] = (True if form.get('admin') == 'y' else False)
form.pop('reconfirm')
user = User(**form)
db.session.add(user)
@ -191,9 +193,7 @@ def accounts_edit():
@app.route('/accounts/view/<int:id>')
def accounts_edit_admin(id):
if login := User.authorize_or_redirect(admin=True):
return login
def accounts_view(id):
user = User.query.filter_by(id=id).one_or_404()
return render_template("account_view.html", user=object_as_dict(user))
@ -234,18 +234,19 @@ def home():
def chemical_create():
if not session.get('admin'):
abort(403)
user = User.query.filter_by(username=session.get('user')).one_or_404()
if request.method == "POST":
form = ChemicalForm(**request.form)
form = ChemicalForm(**(request.form | {"person_id": user.id}))
if form.validate():
new_chemical = Chemical(**form.data)
db.session.add(new_chemical)
db.session.commit()
return render_template("create_chemical.html", form=ChemicalForm(), success=True)
return render_template("create_chemical.html", form=ChemicalForm(), user=object_as_dict(user), success=True)
else:
return render_template("create_chemical.html", form=form, invalid=True), 400
else:
form = ChemicalForm()
return render_template("create_chemical.html", form=form)
form = ChemicalForm(person_id=user.id)
return render_template("create_chemical.html", form=form, user=object_as_dict(user))
@app.route("/chemical/<int:id>/update", methods=['GET', 'POST'])
@ -339,6 +340,7 @@ app.config['MAX_CONTENT_LENGTH'] = 3 * 1000 * 1000
def batch_add_request():
if not session.get('admin'):
abort(403)
user = User.query.filter_by(username=session.get('user')).one_or_404()
if request.method == "POST":
if "input" not in request.files or request.files["input"].filename == '':
return render_template("batchadd.html", invalid="Blank file included")
@ -357,7 +359,8 @@ def batch_add_request():
cleanup()
return render_template("batchadd.html", invalid=error)
else:
chemicals = [Chemical(**result) for result in results]
chemicals = [Chemical(**result, person_id=user.id)
for result in results]
db.session.add_all(chemicals)
db.session.commit()
cleanup()

6
static/upload.txt

@ -1,3 +1,3 @@
metabolite_name formula person_name mass final_mz final_rt final_adduct standard_grp msms_detected inchikey chemical_db_id library pubchem_cid pubmed_refcount standard_class inchikey14 adduct detected_adducts adduct_calc_mz msms_purity
Folic Acid C11H15N2O8P Tei Kim 441.1397 442.1470 36.8 M+H Endogenous Yes OVBPIULPVIDEAO-LBPRGKRZSA-N HRELC_00003 IROA_MSMLS_Library_Plate01 135398658 17654 Endogenous_metabolite OVBPIULPVIDEAO M+H M+H NA 0.968
Omethoate C5H12NO4PS Tei Kim 213.022466 214.029776 32.74 M+H Endogenous Yes PZXOQEXFMJCDPG-UHFFFAOYSA-N HRELC_00835 Restek_Mix1 14210 98 Pesticides PZXOQEXFMJCDPG M+H M+H 214.0297 0.968
metabolite_name formula mass final_mz final_rt final_adduct standard_grp msms_detected inchikey chemical_db_id library pubchem_cid pubmed_refcount standard_class inchikey14 adduct detected_adducts adduct_calc_mz msms_purity
Folic Acid C11H15N2O8P 441.1397 442.1470 36.8 M+H Endogenous Yes OVBPIULPVIDEAO-LBPRGKRZSA-N HRELC_00003 IROA_MSMLS_Library_Plate01 135398658 17654 Endogenous_metabolite OVBPIULPVIDEAO M+H M+H NA 0.968
Omethoate C5H12NO4PS 213.022466 214.029776 32.74 M+H Endogenous Yes PZXOQEXFMJCDPG-UHFFFAOYSA-N HRELC_00835 Restek_Mix1 14210 98 Pesticides PZXOQEXFMJCDPG M+H M+H 214.0297 0.968

5
templates/admin.html

@ -7,6 +7,11 @@
<h1>Admin Dashboard</h1>
<article>
<p>Logged in as {{user}}</p>
<a href="{{url_for('accounts_edit')}}">
<button>
Edit your profile
</button>
</a>
<a href="{{url_for('chemical_create')}}">
<button>
Add a Chemical

52
templates/base.html

@ -1,29 +1,29 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>DWalker Website</title>
<meta
name="description"
content="A website for aggregating and searching exposome data"
/>
<link rel="stylesheet" href="https://cdn.simplecss.org/simple.min.css" />
</head>
<body>
<header>
<nav>
<a href="{{ url_for('home') }}">Home</a>
<a href="{{ url_for('search') }}">Search</a>
{% if session.admin %}
<a href="{{ url_for('admin_root') }}">Admin</a>
<a href="{{ url_for('logout') }}">Logout</a>
{% else %}
<a href="{{ url_for('login') }}">Login</a>
{% endif %}
</nav>
</header>
<main>{% block content %} {% endblock %}</main>
</body>
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>DWalker Website</title>
<meta
name="description"
content="A website for aggregating and searching exposome data"
/>
<link rel="stylesheet" href="https://cdn.simplecss.org/simple.min.css" />
</head>
<body>
<header>
<nav>
<a href="{{ url_for('home') }}">Home</a>
<a href="{{ url_for('search') }}">Search</a>
{% if session.user %}
<a href="{{ url_for('admin_root') }}">Dashboard</a>
<a href="{{ url_for('logout') }}">Logout</a>
{% else %}
<a href="{{ url_for('login') }}">Login</a>
{% endif %}
</nav>
</header>
<main>{% block content %} {% endblock %}</main>
</body>
</html>

17
templates/user.html

@ -0,0 +1,17 @@
{% extends "base.html" %}
{% block content %}
<h1>Regular User Dashboard</h1>
<article>
<p>Logged in as {{user}}</p>
<a href="{{url_for('batch_query_request')}}">
<button>
Batch Search Chemicals
</button>
</a>
<a href="{{url_for('accounts_edit')}}">
<button>
Edit your profile
</button>
</a>
</article>
{% endblock %}

11
templates/view_chemical.html

@ -15,6 +15,14 @@
<table>
{% for k,v in chemical.items() %}
<tr>
{% if k == "person_id" %}
<td>
<strong>{{k}}</strong>
</td>
<td>
<a href="{{url_for('accounts_view', id=v)}}">User ID {{v}}</a>
</td>
{% else %}
<td>
<strong>{{k}}</strong>
</td>
@ -23,8 +31,9 @@
{{ v }}
{% endif %}
</td>
{% endif %}
</tr>
{% endfor %}
</table>
{% endblock %}
{% endblock %}

2
validate.py

@ -8,7 +8,6 @@ _required_fields = [
# the "str" type means that this field can be any valid string.
("metabolite_name", "str"),
("formula", "str"),
("person_name", "str"),
# any field labeled a "float" needs to have a value in decimal notation.
("mass", "float"),
@ -16,7 +15,6 @@ _required_fields = [
("final_rt", "float"),
("final_adduct", "str"),
("standard_grp", "str"),
("person_name", "str"),
("msms_detected", "yesno"), # Value can either be "Yes" or "No"
("inchikey", "str"),
]

Loading…
Cancel
Save