Newer
Older
################################################################################
# Data decryption
def do_decrypt( data ):
return AESCipher( session[ 'password' ] ).decrypt( data )
def do_encrypt( data ):
return AESCipher( session[ 'password' ] ).encrypt( data )
################################################################################
# File upload
@app.route( baseurl + '/upload', methods = [ 'GET', 'POST' ] )
@login_required
def upload_file():
upload_type = request.form.get( "upload_type", None )
if upload_type == None:
return jsonify( {
'error': True,
'msg': 'Must specify a file type to upload a file'
} )
if request.method == 'POST':
if 'file' not in request.files:
return jsonify( { 'error': True, 'msg': 'No file in the POST request' } )
elif 'upload_id' not in request.form:
return jsonify( { 'error': True, 'msg': 'No upload_id' } )
else:
try:
upload_id = request.form.get( "upload_id" )
sql = "SELECT id FROM submissions WHERE uuid = %s"
r = config.db.query( sql, ( upload_id, ) )
upload_id = r.fetchone()[ 'id' ]
except:
return jsonify( {
'error': True
} )
file = request.files[ 'file' ]
filename = do_encrypt( file.filename )
file_uuid = str( uuid4() )
fp = StringIO()
file.save( fp )
file_size = fp.tell()
fp.seek( 0 )
if upload_type in [ 'latent', 'tenprint_card_front', 'tenprint_card_back' ]:
img = Image.open( fp )
img_format = img.format
width, height = img.size
res = int( img.info[ 'dpi' ][ 0 ] )
img = rotate_image_upon_exif( img )
buff = StringIO()
img.save( buff, format = img_format )
buff.seek( 0 )
file_data = buff.getvalue()
if upload_type in [ 'tenprint_card_front', 'tenprint_card_back' ]:
create_thumbnail( file_uuid, img )
else:
file_data = fp.getvalue()
file_data = base64.b64encode( file_data )
if upload_type == "consent_form":
file_data = gpg.encrypt( file_data, config.gpg_key )
file_data = str( file_data )
upload_type_id = {
'consent_form': 0,
'tenprint_card_front': 1,
'tenprint_card_back': 2,
'latent': 3
sql = "INSERT INTO files ( folder, creator, filename, type, format, size, width, height, resolution, uuid, data ) VALUES ( %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s )"
data = ( upload_id, session[ 'user_id' ], filename, upload_type_id, img_format, file_size, width, height, res, file_uuid, file_data )
config.db.query( sql, data )
config.db.commit()
return jsonify( {
'error': False,
'filename': filename,
'filesize': file_size,
'uuid': file_uuid
} )
else:
return abort( 403 )
################################################################################
# Submission of a new donnor
@app.route( baseurl + '/new_donnor' )
@login_required
def submission_form():
return render_template(
"new_donnor.html",
baseurl = baseurl,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout
)
@app.route( baseurl + '/create_submission', methods = [ "GET", "POST" ] )
@login_required
def create_submission_case():
email = request.form.get( "email", False )
if email:
# Check for duplicate base upon the email data
sql = "SELECT id, email_hash FROM submissions WHERE submitter_id = %s"
r = config.db.query( sql, ( session[ 'user_id' ], ) )
for case in r.fetchall():
if pbkdf2( email, case[ 'email_hash' ] ):
return jsonify( {
'error': True,
'msg': "Email already used"
} )
break
email_aes = do_encrypt( email )
email_hash = pbkdf2( email, random_data( 50 ), 50000 )
upload_nickname = request.form.get( "upload_nickname", None )
upload_nickname = do_encrypt( upload_nickname )
submitter_id = session[ 'user_id' ]
status = "pending"
sql = "INSERT INTO submissions ( uuid, email_aes, email_hash, nickname, status, submitter_id ) VALUES ( %s, %s, %s, %s, %s, %s ) RETURNING id"
data = ( id, email_aes, email_hash, upload_nickname, status, submitter_id )
config.db.commit()
return jsonify( {
'error': False,
'id': id
} )
else:
return jsonify( {
'error': True,
'msg': "Email not provided"
} )
@app.route( baseurl + '/donnor/<id>' )
@login_required
def update_donnor_folder( id ):
try:
sql = "SELECT email_aes as email, nickname, created_time FROM submissions WHERE submitter_id = %s AND uuid = %s"
r = config.db.query( sql, ( session[ 'user_id' ], id ) )
user = r.fetchone()
for key in [ 'email', 'nickname' ]:
user[ key ] = do_decrypt( user[ key ] )
return render_template(
"data_update/update_donnor.html",
baseurl = baseurl,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout,
upload_id = id,
**user
)
except:
return jsonify( {
'error': True,
'msg': "Case not found"
} )
@app.route( baseurl + '/submission/<id>/latents' )
@login_required
def update_files_folder( id ):
sql = "SELECT id FROM submissions WHERE uuid = %s AND submitter_id = %s"
r = config.db.query( sql, ( id, session[ 'user_id' ], ) )
id = r.fetchone()[ 'id' ]
sql = "SELECT uuid, filename, size, creation_time FROM files WHERE folder = %s AND type = 2"
r = config.db.query( sql, ( id, ) )
files = r.fetchall()
for i, v in enumerate( files ):
v[ 'filename' ] = do_decrypt( v[ 'filename' ] )
v[ 'size' ] = round( ( float( v[ 'size' ] ) / ( 1024 * 1024 ) ) * 100 ) / 100
return render_template(
"data_update/update_latents.html",
baseurl = baseurl,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout,
upload_id = id,
files = files
)
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
@app.route( baseurl + '/submission/<id>/tenprints' )
@login_required
def update_submission_tenprint( id ):
sql = "SELECT id FROM submissions WHERE uuid = %s AND submitter_id = %s"
r = config.db.query( sql, ( id, session[ 'user_id' ], ) )
id = r.fetchone()[ 'id' ]
sql = "SELECT * FROM files_v WHERE folder = %s AND type = 1"
r = config.db.query( sql, ( id, ) )
files = r.fetchall()
for i, v in enumerate( files ):
v[ 'filename' ] = do_decrypt( v[ 'filename' ] )
v[ 'size' ] = round( ( float( v[ 'size' ] ) / ( 1024 * 1024 ) ) * 100 ) / 100
return render_template(
"data_update/update_tenprint.html",
baseurl = baseurl,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout,
upload_id = id,
files = files
)
################################################################################
# Image processing
@app.route( baseurl + '/image/info/<id>' )
@login_required
def img_info( id ):
d = do_img_info( id )
if d != None:
return jsonify( d )
else:
return abort( 404 )
def do_img_info( id ):
sql = "SELECT size, width, height, resolution, format FROM files WHERE uuid = %s"
r = config.db.query( sql, ( id, ) )
d = r.fetchone()
if d != None:
return dict( d )
else:
return None
@app.route( baseurl + '/image/preview/<id>' )
@referer_required
@login_required
def img_preview( id ):
sql = "SELECT size, data FROM thumbnails WHERE uuid = %s"
r = config.db.query( sql, ( id, ) )
img = r.fetchone()
if img == None:
sql = "SELECT size, data FROM files WHERE uuid = %s"
r = config.db.query( sql, ( id, ) )
img = r.fetchone()
do_thumbnail = True
else:
do_thumbnail = False
if img != None:
img = base64.b64decode( img[ 'data' ] )
buff = StringIO()
buff.write( img )
buff.seek( 0 )
img = Image.open( buff )
if do_thumbnail:
img.thumbnail( ( 300, 300 ) )
buff = StringIO()
img.save( buff, format = 'PNG' )
buff.seek( 0 )
return send_file( buff, mimetype = "image/png" )
else:
return abort( 404 )
def create_thumbnail( file_uuid, img ):
img.thumbnail( ( 1000, 1000 ) )
width, height = img.size
file_format = img.format
buff = StringIO()
img.save( buff, format = img.format )
img_size = buff.tell()
buff.seek( 0 )
img_data = buff.getvalue()
img_data = base64.b64encode( img_data )
sql = "INSERT INTO thumbnails ( uuid, width, height, size, format, data ) VALUES ( %s, %s, %s, %s, %s, %s )"
data = ( file_uuid, width, height, img_size, img.format, img_data, )
config.db.query( sql, data )
config.db.commit()
return
################################################################################
# Tenprint templates
@app.route( baseurl + '/tenprint_template/<id>/<t>' )
@login_required
def tp_template( id, t ):
if t in [ 'front', 'back' ]:
sql = """SELECT
tenprint_zones.pc, tl_x, tl_y, br_x, br_y, angle, pc.name
FROM tenprint_zones
JOIN tenprint_zones_location ON tenprint_zones.pc = tenprint_zones_location.pc
JOIN pc ON tenprint_zones.pc = pc.id
WHERE card = %s AND tenprint_zones_location.side = %s ORDER BY pc
"""
r = config.db.query( sql, ( id, t, ) ).fetchall()
zones = []
for pc, tl_x, tl_y, br_x, br_y, angle, pc_name in r:
tl_x = float( tl_x )
tl_y = float( tl_y )
br_x = float( br_x )
br_y = float( br_y )
zones.append( {
"pc": pc,
"tl_x": tl_x,
"tl_y": tl_y,
"br_x": br_x,
"br_y": br_y,
"angle": angle,
"pc_name": pc_name
sql = 'SELECT id, country_code, width, height, size_display, image_' + t + '_width, image_' + t + '_height, image_resolution FROM tenprint_cards WHERE id = %s LIMIT 1'
r = config.db.query( sql, ( id, ) )
img_info = r.fetchone()
card_info = {
'width': int( round( float( img_info[ 'width' ] ) / 2.54 * img_info[ 'image_resolution' ] ) ),
'height': int( round( float( img_info[ 'height' ] ) / 2.54 * img_info[ 'image_resolution' ] ) ),
}
svg_height = 1000
svg_width = int( round( svg_height * ( float( img_info[ 'image_' + t + '_width' ] ) / float( img_info[ 'image_' + t + '_height' ] ) ) ) )
'right': int( round( float( card_info[ 'width' ] ) / float( img_info[ 'image_' + t + '_width' ] ) * svg_width ) ),
'bottom': int( round( float( card_info[ 'height' ] ) / float( img_info[ 'image_' + t + '_height' ] ) * svg_height ) ),
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
}
card_img_info[ 'dpi' ] = card_img_info[ 'right' ] / ( float( img_info[ 'width' ] ) / 2.54 )
card_img_info[ 'dpc' ] = card_img_info[ 'right' ] / float( img_info[ 'width' ] )
return render_template(
"tp_template.html",
baseurl = baseurl,
admin = int( session[ 'account_type' ] ) == 1,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout,
account_type = session.get( "account_type", None ),
zones = zones,
img_info = img_info,
card_info = card_info,
svg_height = svg_height,
svg_width = svg_width,
card_img_info = card_img_info,
card_id = id,
t = t
)
else:
return abort( 403 )
@app.route( baseurl + '/tenprint_template/image/<id>/<t>' )
@referer_required
@login_required
def tp_template_img( t, id ):
if t in [ 'front', 'back' ]:
sql = "SELECT image_front, image_back FROM tenprint_cards WHERE id = %s LIMIT 1"
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
r = config.db.query( sql, ( id, ) )
img = r.fetchone()
if img != None:
img = base64.b64decode( img[ 'image_' + t ] )
buff = StringIO()
buff.write( img )
buff.seek( 0 )
img = Image.open( buff )
img.thumbnail( ( 1000, 1000 ) )
buff2 = StringIO()
img.save( buff2, format = 'PNG' )
buff2.seek( 0 )
return send_file( buff2, mimetype = "image/png" )
else:
return abort( 403 )
################################################################################
# Home page
@app.route( baseurl + '/' )
@login_required
return render_template(
"index.html",
baseurl = baseurl,
admin = int( session[ 'account_type' ] ) == 1,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout,
account_type = session.get( "account_type", None )
################################################################################
# Main startup
if __name__ == '__main__':
gpg = gnupg.GPG()
for file in os.listdir( config.keys_folder ):
with open( config.keys_folder + "/" + file, "r" ) as fp:
gpg.import_keys( fp.read() )
app.run( debug = debug, host = "0.0.0.0", threaded = True )